2 * Copyright (c) 1991 Regents of the University of California.
3 * Copyright (c) 1994 John S. Dyson
4 * Copyright (c) 1994 David Greenman
5 * Copyright (c) 2008 The DragonFly Project.
6 * Copyright (c) 2008 Jordan Gordeev.
9 * This code is derived from software contributed to Berkeley by
10 * the Systems Programming Group of the University of Utah Computer
11 * Science Department and William Jolitz of UUNET Technologies Inc.
13 * Redistribution and use in source and binary forms, with or without
14 * modification, are permitted provided that the following conditions
16 * 1. Redistributions of source code must retain the above copyright
17 * notice, this list of conditions and the following disclaimer.
18 * 2. Redistributions in binary form must reproduce the above copyright
19 * notice, this list of conditions and the following disclaimer in the
20 * documentation and/or other materials provided with the distribution.
21 * 3. All advertising materials mentioning features or use of this software
22 * must display the following acknowledgement:
23 * This product includes software developed by the University of
24 * California, Berkeley and its contributors.
25 * 4. Neither the name of the University nor the names of its contributors
26 * may be used to endorse or promote products derived from this software
27 * without specific prior written permission.
29 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
30 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
31 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
32 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
33 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
34 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
35 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
36 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
37 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
38 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
41 * from: @(#)pmap.c 7.7 (Berkeley) 5/12/91
42 * $FreeBSD: src/sys/i386/i386/pmap.c,v 1.250.2.18 2002/03/06 22:48:53 silby Exp $
43 * $DragonFly: src/sys/platform/pc64/amd64/pmap.c,v 1.3 2008/08/29 17:07:10 dillon Exp $
47 * Manages physical address maps.
49 * In addition to hardware address maps, this
50 * module is called upon to provide software-use-only
51 * maps which may or may not be stored in the same
52 * form as hardware maps. These pseudo-maps are
53 * used to store intermediate results from copy
54 * operations to and from address spaces.
56 * Since the information managed by this module is
57 * also stored by the logical address mapping module,
58 * this module may throw away valid virtual-to-physical
59 * mappings at almost any time. However, invalidations
60 * of virtual-to-physical mappings must be done as
63 * In order to cope with hardware architectures which
64 * make virtual-to-physical map invalidates expensive,
65 * this module may delay invalidate or reduced protection
66 * operations until such time as they are actually
67 * necessary. This module is given full information as
68 * to which processors are currently using which maps,
69 * and to when physical maps must be made correct.
73 #include "opt_disable_pse.h"
76 #include "opt_msgbuf.h"
78 #include <sys/param.h>
79 #include <sys/systm.h>
80 #include <sys/kernel.h>
82 #include <sys/msgbuf.h>
83 #include <sys/vmmeter.h>
87 #include <vm/vm_param.h>
88 #include <sys/sysctl.h>
90 #include <vm/vm_kern.h>
91 #include <vm/vm_page.h>
92 #include <vm/vm_map.h>
93 #include <vm/vm_object.h>
94 #include <vm/vm_extern.h>
95 #include <vm/vm_pageout.h>
96 #include <vm/vm_pager.h>
97 #include <vm/vm_zone.h>
100 #include <sys/thread2.h>
101 #include <sys/sysref2.h>
103 #include <machine/cputypes.h>
104 #include <machine/md_var.h>
105 #include <machine/specialreg.h>
106 #include <machine/smp.h>
107 #include <machine_base/apic/apicreg.h>
108 #include <machine/globaldata.h>
109 #include <machine/pmap.h>
110 #include <machine/pmap_inval.h>
112 #define PMAP_KEEP_PDIRS
113 #ifndef PMAP_SHPGPERPROC
114 #define PMAP_SHPGPERPROC 200
117 #if defined(DIAGNOSTIC)
118 #define PMAP_DIAGNOSTIC
123 #if !defined(PMAP_DIAGNOSTIC)
124 #define PMAP_INLINE __inline
130 * Get PDEs and PTEs for user/kernel address space
132 #define pmap_pde(m, v) (&((m)->pm_pdir[(vm_offset_t)(v) >> PDRSHIFT]))
133 #define pdir_pde(m, v) (m[(vm_offset_t)(v) >> PDRSHIFT])
135 #define pmap_pde_v(pte) ((*(pd_entry_t *)pte & PG_V) != 0)
136 #define pmap_pte_w(pte) ((*(pt_entry_t *)pte & PG_W) != 0)
137 #define pmap_pte_m(pte) ((*(pt_entry_t *)pte & PG_M) != 0)
138 #define pmap_pte_u(pte) ((*(pt_entry_t *)pte & PG_A) != 0)
139 #define pmap_pte_v(pte) ((*(pt_entry_t *)pte & PG_V) != 0)
143 * Given a map and a machine independent protection code,
144 * convert to a vax protection code.
146 #define pte_prot(m, p) \
147 (protection_codes[p & (VM_PROT_READ|VM_PROT_WRITE|VM_PROT_EXECUTE)])
148 static int protection_codes[8];
150 struct pmap kernel_pmap;
151 static TAILQ_HEAD(,pmap) pmap_list = TAILQ_HEAD_INITIALIZER(pmap_list);
153 vm_paddr_t avail_start; /* PA of first available physical page */
154 vm_paddr_t avail_end; /* PA of last available physical page */
155 vm_offset_t virtual_start; /* VA of first avail page (after kernel bss) */
156 vm_offset_t virtual_end; /* VA of last avail page (end of kernel AS) */
157 vm_offset_t KvaStart; /* VA start of KVA space */
158 vm_offset_t KvaEnd; /* VA end of KVA space (non-inclusive) */
159 vm_offset_t KvaSize; /* max size of kernel virtual address space */
160 static boolean_t pmap_initialized = FALSE; /* Has pmap_init completed? */
161 static int pgeflag; /* PG_G or-in */
162 static int pseflag; /* PG_PS or-in */
164 static vm_object_t kptobj;
167 vm_offset_t kernel_vm_end;
170 * Data for the pv entry allocation mechanism
172 static vm_zone_t pvzone;
173 static struct vm_zone pvzone_store;
174 static struct vm_object pvzone_obj;
175 static int pv_entry_count=0, pv_entry_max=0, pv_entry_high_water=0;
176 static int pmap_pagedaemon_waken = 0;
177 static struct pv_entry *pvinit;
180 * All those kernel PT submaps that BSD is so fond of
182 pt_entry_t *CMAP1 = 0, *ptmmap;
183 caddr_t CADDR1 = 0, ptvmmap = 0;
184 static pt_entry_t *msgbufmap;
185 struct msgbuf *msgbufp=0;
190 static pt_entry_t *pt_crashdumpmap;
191 static caddr_t crashdumpmap;
193 extern uint64_t KPTphys;
194 extern pt_entry_t *SMPpt;
195 extern uint64_t SMPptpa;
199 static PMAP_INLINE void free_pv_entry (pv_entry_t pv);
200 static pt_entry_t * get_ptbase (pmap_t pmap);
201 static pv_entry_t get_pv_entry (void);
202 static void i386_protection_init (void);
203 static __inline void pmap_clearbit (vm_page_t m, int bit);
205 static void pmap_remove_all (vm_page_t m);
206 static void pmap_enter_quick (pmap_t pmap, vm_offset_t va, vm_page_t m);
207 static int pmap_remove_pte (struct pmap *pmap, pt_entry_t *ptq,
208 vm_offset_t sva, pmap_inval_info_t info);
209 static void pmap_remove_page (struct pmap *pmap,
210 vm_offset_t va, pmap_inval_info_t info);
211 static int pmap_remove_entry (struct pmap *pmap, vm_page_t m,
212 vm_offset_t va, pmap_inval_info_t info);
213 static boolean_t pmap_testbit (vm_page_t m, int bit);
214 static void pmap_insert_entry (pmap_t pmap, vm_offset_t va,
215 vm_page_t mpte, vm_page_t m);
217 static vm_page_t pmap_allocpte (pmap_t pmap, vm_offset_t va);
219 static int pmap_release_free_page (pmap_t pmap, vm_page_t p);
220 static vm_page_t _pmap_allocpte (pmap_t pmap, vm_pindex_t ptepindex);
221 static pt_entry_t * pmap_pte_quick (pmap_t pmap, vm_offset_t va);
222 static vm_page_t pmap_page_lookup (vm_object_t object, vm_pindex_t pindex);
223 static int pmap_unuse_pt (pmap_t, vm_offset_t, vm_page_t, pmap_inval_info_t);
224 static vm_offset_t pmap_kmem_choose(vm_offset_t addr);
226 static unsigned pdir4mb;
229 * Move the kernel virtual free pointer to the next
230 * 4MB. This is used to help improve performance
231 * by using a large (4MB) page for much of the kernel
232 * (.text, .data, .bss)
235 pmap_kmem_choose(vm_offset_t addr)
237 vm_offset_t newaddr = addr;
239 if (cpu_feature & CPUID_PSE) {
240 newaddr = (addr + (NBPDR - 1)) & ~(NBPDR - 1);
249 * Extract the page table entry associated with the given map/virtual
252 * This function may NOT be called from an interrupt.
254 PMAP_INLINE pt_entry_t *
255 pmap_pte(pmap_t pmap, vm_offset_t va)
260 pdeaddr = pmap_pde(pmap, va);
261 if (*pdeaddr & PG_PS)
264 return get_ptbase(pmap) + amd64_btop(va);
273 * Super fast pmap_pte routine best used when scanning the pv lists.
274 * This eliminates many course-grained invltlb calls. Note that many of
275 * the pv list scans are across different pmaps and it is very wasteful
276 * to do an entire invltlb when checking a single mapping.
278 * Should only be called while in a critical section.
281 pmap_pte_quick(pmap_t pmap, vm_offset_t va)
283 struct mdglobaldata *gd = mdcpu;
284 pd_entry_t pde, newpf;
286 if ((pde = pmap->pm_pdir[va >> PDRSHIFT]) != 0) {
287 pd_entry_t frame = pmap->pm_pdir[PTDPTDI] & PG_FRAME;
288 vm_pindex_t index = amd64_btop(va);
289 /* are we current address space or kernel? */
290 if ((pmap == &kernel_pmap) ||
291 (frame == (PTDpde & PG_FRAME))) {
292 return (pt_entry_t *) PTmap + index;
294 newpf = pde & PG_FRAME;
295 if ( ((* (pt_entry_t *) gd->gd_PMAP1) & PG_FRAME) != newpf) {
296 * (pt_entry_t *) gd->gd_PMAP1 = newpf | PG_RW | PG_V;
297 cpu_invlpg(gd->gd_PADDR1);
299 return gd->gd_PADDR1 + (index & (NPTEPG - 1));
306 allocpages(vm_paddr_t *firstaddr, int n)
311 bzero((void *)ret, n * PAGE_SIZE);
312 *firstaddr += n * PAGE_SIZE;
317 create_pagetables(vm_paddr_t *firstaddr)
321 uint64_t cpu0pp, cpu0idlestk;
322 int idlestk_page_offset = offsetof(struct privatespace, idlestack) / PAGE_SIZE;
324 /* we are running (mostly) V=P at this point */
326 common_lvl4_phys = allocpages(firstaddr, 1); /* 512 512G mappings */
327 common_lvl3_phys = allocpages(firstaddr, 1); /* 512 1G mappings */
328 KPTphys = allocpages(firstaddr, NKPT); /* kernel page table */
329 IdlePTD = allocpages(firstaddr, 1); /* kernel page dir */
330 cpu0pp = allocpages(firstaddr, MDGLOBALDATA_BASEALLOC_PAGES);
331 cpu0idlestk = allocpages(firstaddr, UPAGES);
332 SMPptpa = allocpages(firstaddr, 1);
333 SMPpt = (void *)(SMPptpa + KERNBASE);
337 * Load kernel page table with kernel memory mappings
339 for (i = 0; (i << PAGE_SHIFT) < *firstaddr; i++) {
340 ((pt_entry_t *)KPTphys)[i] = i << PAGE_SHIFT;
341 ((pt_entry_t *)KPTphys)[i] |= PG_RW | PG_V;
345 for (i = 0; i < NKPT; i++) {
346 ((pd_entry_t *)IdlePTD)[i] = KPTphys + (i << PAGE_SHIFT);
347 ((pd_entry_t *)IdlePTD)[i] |= PG_RW | PG_V;
352 * Set up the kernel page table itself.
354 for (i = 0; i < NKPT; i++) {
355 ((pd_entry_t *)IdlePTD)[KPTDI + i] = KPTphys + (i << PAGE_SHIFT);
356 ((pd_entry_t *)IdlePTD)[KPTDI + i] |= PG_RW | PG_V;
360 count = ISA_HOLE_LENGTH >> PAGE_SHIFT;
361 for (i = 0; i < count; i++) {
362 ((pt_entry_t *)KPTphys)[amd64_btop(ISA_HOLE_START) + i] = \
363 (ISA_HOLE_START + i * PAGE_SIZE) | PG_RW | PG_V;
370 ((pd_entry_t *)IdlePTD)[PTDPTDI] = (pd_entry_t)IdlePTD | PG_RW | PG_V;
373 * Map CPU_prvspace[0].mdglobaldata
375 for (i = 0; i < MDGLOBALDATA_BASEALLOC_PAGES; i++) {
376 ((pt_entry_t *)SMPptpa)[i] = \
377 (cpu0pp + i * PAGE_SIZE) | PG_RW | PG_V;
381 * Map CPU_prvspace[0].idlestack
383 for (i = 0; i < UPAGES; i++) {
384 ((pt_entry_t *)SMPptpa)[idlestk_page_offset + i] = \
385 (cpu0idlestk + i * PAGE_SIZE) | PG_RW | PG_V;
391 ((pd_entry_t *)IdlePTD)[MPPTDI] = SMPptpa | PG_RW | PG_V;
396 ((pml4_entry_t *)common_lvl4_phys)[LINKPML4I] = common_lvl3_phys | PG_RW | PG_V | PG_U;
399 * location of "virtual CR3" - a PDP entry that is loaded
400 * with a PD physical address (+ page attributes).
401 * Matt: location of user page directory entry (representing 1G)
403 link_pdpe = &((pdp_entry_t *)common_lvl3_phys)[LINKPDPI];
407 init_paging(vm_paddr_t *firstaddr) {
408 create_pagetables(firstaddr);
410 /* switch to the newly created page table */
411 *link_pdpe = IdlePTD | PG_RW | PG_V | PG_U;
412 load_cr3(common_lvl4_phys);
413 link_pdpe = (void *)((char *)link_pdpe + KERNBASE);
415 KvaStart = (vm_offset_t)VADDR(PTDPTDI, 0);
416 KvaEnd = (vm_offset_t)VADDR(APTDPTDI, 0);
417 KvaSize = KvaEnd - KvaStart;
421 * Bootstrap the system enough to run with virtual memory.
423 * On the i386 this is called after mapping has already been enabled
424 * and just syncs the pmap module with what has already been done.
425 * [We can't call it easily with mapping off since the kernel is not
426 * mapped with PA == VA, hence we would have to relocate every address
427 * from the linked base (virtual) address "KERNBASE" to the actual
428 * (physical) address starting relative to 0]
431 pmap_bootstrap(vm_paddr_t *firstaddr, vm_paddr_t loadaddr)
435 struct mdglobaldata *gd;
439 avail_start = *firstaddr;
442 * XXX The calculation of virtual_start is wrong. It's NKPT*PAGE_SIZE
443 * too large. It should instead be correctly calculated in locore.s and
444 * not based on 'first' (which is a physical address, not a virtual
445 * address, for the start of unused physical memory). The kernel
446 * page tables are NOT double mapped and thus should not be included
447 * in this calculation.
449 virtual_start = (vm_offset_t) PTOV_OFFSET + *firstaddr;
450 virtual_start = pmap_kmem_choose(virtual_start);
451 virtual_end = VADDR(KPTDI+NKPDE-1, NPTEPG-1);
454 * Initialize protection array.
456 i386_protection_init();
459 * The kernel's pmap is statically allocated so we don't have to use
460 * pmap_create, which is unlikely to work correctly at this part of
461 * the boot sequence (XXX and which no longer exists).
463 kernel_pmap.pm_pdir = (pd_entry_t *)(PTOV_OFFSET + (uint64_t)IdlePTD);
464 kernel_pmap.pm_count = 1;
465 kernel_pmap.pm_active = (cpumask_t)-1; /* don't allow deactivation */
466 TAILQ_INIT(&kernel_pmap.pm_pvlist);
470 * Reserve some special page table entries/VA space for temporary
473 #define SYSMAP(c, p, v, n) \
474 v = (c)va; va += ((n)*PAGE_SIZE); p = pte; pte += (n);
477 pte = (pt_entry_t *) pmap_pte(&kernel_pmap, va);
480 * CMAP1/CMAP2 are used for zeroing and copying pages.
482 SYSMAP(caddr_t, CMAP1, CADDR1, 1)
487 SYSMAP(caddr_t, pt_crashdumpmap, crashdumpmap, MAXDUMPPGS);
490 * ptvmmap is used for reading arbitrary physical pages via
493 SYSMAP(caddr_t, ptmmap, ptvmmap, 1)
496 * msgbufp is used to map the system message buffer.
497 * XXX msgbufmap is not used.
499 SYSMAP(struct msgbuf *, msgbufmap, msgbufp,
500 atop(round_page(MSGBUF_SIZE)))
505 for (i = 0; i < NKPT; i++)
509 * PG_G is terribly broken on SMP because we IPI invltlb's in some
510 * cases rather then invl1pg. Actually, I don't even know why it
511 * works under UP because self-referential page table mappings
516 if (cpu_feature & CPUID_PGE)
521 * Initialize the 4MB page size flag
525 * The 4MB page version of the initial
526 * kernel page mapping.
530 #if !defined(DISABLE_PSE)
531 if (cpu_feature & CPUID_PSE) {
534 * Note that we have enabled PSE mode
537 ptditmp = *(PTmap + amd64_btop(KERNBASE));
538 ptditmp &= ~(NBPDR - 1);
539 ptditmp |= PG_V | PG_RW | PG_PS | PG_U | pgeflag;
544 * Enable the PSE mode. If we are SMP we can't do this
545 * now because the APs will not be able to use it when
548 load_cr4(rcr4() | CR4_PSE);
551 * We can do the mapping here for the single processor
552 * case. We simply ignore the old page table page from
556 * For SMP, we still need 4K pages to bootstrap APs,
557 * PSE will be enabled as soon as all APs are up.
559 PTD[KPTDI] = (pd_entry_t)ptditmp;
560 kernel_pmap.pm_pdir[KPTDI] = (pd_entry_t)ptditmp;
566 if (cpu_apic_address == 0)
567 panic("pmap_bootstrap: no local apic!");
569 /* local apic is mapped on last page */
570 SMPpt[NPTEPG - 1] = (pt_entry_t)(PG_V | PG_RW | PG_N | pgeflag |
571 (cpu_apic_address & PG_FRAME));
575 * We need to finish setting up the globaldata page for the BSP.
576 * locore has already populated the page table for the mdglobaldata
579 pg = MDGLOBALDATA_BASEALLOC_PAGES;
580 gd = &CPU_prvspace[0].mdglobaldata;
581 gd->gd_CMAP1 = &SMPpt[pg + 0];
582 gd->gd_CMAP2 = &SMPpt[pg + 1];
583 gd->gd_CMAP3 = &SMPpt[pg + 2];
584 gd->gd_PMAP1 = &SMPpt[pg + 3];
585 gd->gd_CADDR1 = CPU_prvspace[0].CPAGE1;
586 gd->gd_CADDR2 = CPU_prvspace[0].CPAGE2;
587 gd->gd_CADDR3 = CPU_prvspace[0].CPAGE3;
588 gd->gd_PADDR1 = (pt_entry_t *)CPU_prvspace[0].PPAGE1;
595 * Set 4mb pdir for mp startup
600 if (pseflag && (cpu_feature & CPUID_PSE)) {
601 load_cr4(rcr4() | CR4_PSE);
602 if (pdir4mb && mycpu->gd_cpuid == 0) { /* only on BSP */
603 kernel_pmap.pm_pdir[KPTDI] =
604 PTD[KPTDI] = (pd_entry_t)pdir4mb;
612 * Initialize the pmap module.
613 * Called by vm_init, to initialize any structures that the pmap
614 * system needs to map virtual memory.
615 * pmap_init has been enhanced to support in a fairly consistant
616 * way, discontiguous physical memory.
625 * object for kernel page table pages
627 kptobj = vm_object_allocate(OBJT_DEFAULT, NKPDE);
630 * Allocate memory for random pmap data structures. Includes the
634 for(i = 0; i < vm_page_array_size; i++) {
637 m = &vm_page_array[i];
638 TAILQ_INIT(&m->md.pv_list);
639 m->md.pv_list_count = 0;
643 * init the pv free list
645 initial_pvs = vm_page_array_size;
646 if (initial_pvs < MINPV)
648 pvzone = &pvzone_store;
649 pvinit = (struct pv_entry *) kmem_alloc(&kernel_map,
650 initial_pvs * sizeof (struct pv_entry));
651 zbootinit(pvzone, "PV ENTRY", sizeof (struct pv_entry), pvinit,
655 * Now it is safe to enable pv_table recording.
657 pmap_initialized = TRUE;
661 * Initialize the address space (zone) for the pv_entries. Set a
662 * high water mark so that the system can recover from excessive
663 * numbers of pv entries.
668 int shpgperproc = PMAP_SHPGPERPROC;
670 TUNABLE_INT_FETCH("vm.pmap.shpgperproc", &shpgperproc);
671 pv_entry_max = shpgperproc * maxproc + vm_page_array_size;
672 TUNABLE_INT_FETCH("vm.pmap.pv_entries", &pv_entry_max);
673 pv_entry_high_water = 9 * (pv_entry_max / 10);
674 zinitna(pvzone, &pvzone_obj, NULL, 0, pv_entry_max, ZONE_INTERRUPT, 1);
678 /***************************************************
679 * Low level helper routines.....
680 ***************************************************/
682 #if defined(PMAP_DIAGNOSTIC)
685 * This code checks for non-writeable/modified pages.
686 * This should be an invalid condition.
689 pmap_nw_modified(pt_entry_t ptea)
695 if ((pte & (PG_M|PG_RW)) == PG_M)
704 * this routine defines the region(s) of memory that should
705 * not be tested for the modified bit.
707 static PMAP_INLINE int
708 pmap_track_modified(vm_offset_t va)
710 if ((va < clean_sva) || (va >= clean_eva))
717 get_ptbase(pmap_t pmap)
719 pd_entry_t frame = pmap->pm_pdir[PTDPTDI] & PG_FRAME;
720 struct globaldata *gd = mycpu;
722 /* are we current address space or kernel? */
723 if (pmap == &kernel_pmap || frame == (PTDpde & PG_FRAME)) {
724 return (pt_entry_t *) PTmap;
727 /* otherwise, we are alternate address space */
728 KKASSERT(gd->gd_intr_nesting_level == 0 &&
729 (gd->gd_curthread->td_flags & TDF_INTTHREAD) == 0);
731 if (frame != (((pd_entry_t) APTDpde) & PG_FRAME)) {
732 APTDpde = (pd_entry_t)(frame | PG_RW | PG_V);
733 /* The page directory is not shared between CPUs */
736 return (pt_entry_t *) APTmap;
742 * Extract the physical page address associated with the map/VA pair.
744 * This function may not be called from an interrupt if the pmap is
748 pmap_extract(pmap_t pmap, vm_offset_t va)
751 vm_offset_t pdirindex;
753 pdirindex = va >> PDRSHIFT;
754 if (pmap && (rtval = pmap->pm_pdir[pdirindex])) {
756 if ((rtval & PG_PS) != 0) {
757 rtval &= ~(NBPDR - 1);
758 rtval |= va & (NBPDR - 1);
761 pte = get_ptbase(pmap) + amd64_btop(va);
762 rtval = ((*pte & PG_FRAME) | (va & PAGE_MASK));
768 /***************************************************
769 * Low level mapping routines.....
770 ***************************************************/
773 * Routine: pmap_kenter
775 * Add a wired page to the KVA
776 * NOTE! note that in order for the mapping to take effect -- you
777 * should do an invltlb after doing the pmap_kenter().
780 pmap_kenter(vm_offset_t va, vm_paddr_t pa)
784 pmap_inval_info info;
786 pmap_inval_init(&info);
787 npte = pa | PG_RW | PG_V | pgeflag;
789 pmap_inval_add(&info, &kernel_pmap, va);
791 pmap_inval_flush(&info);
795 * Routine: pmap_kenter_quick
797 * Similar to pmap_kenter(), except we only invalidate the
798 * mapping on the current CPU.
801 pmap_kenter_quick(vm_offset_t va, vm_paddr_t pa)
806 npte = pa | PG_RW | PG_V | pgeflag;
809 cpu_invlpg((void *)va);
813 pmap_kenter_sync(vm_offset_t va)
815 pmap_inval_info info;
817 pmap_inval_init(&info);
818 pmap_inval_add(&info, &kernel_pmap, va);
819 pmap_inval_flush(&info);
823 pmap_kenter_sync_quick(vm_offset_t va)
825 cpu_invlpg((void *)va);
829 * remove a page from the kernel pagetables
832 pmap_kremove(vm_offset_t va)
835 pmap_inval_info info;
837 pmap_inval_init(&info);
839 pmap_inval_add(&info, &kernel_pmap, va);
841 pmap_inval_flush(&info);
845 pmap_kremove_quick(vm_offset_t va)
850 cpu_invlpg((void *)va);
854 * XXX these need to be recoded. They are not used in any critical path.
857 pmap_kmodify_rw(vm_offset_t va)
859 *vtopte(va) |= PG_RW;
860 cpu_invlpg((void *)va);
864 pmap_kmodify_nc(vm_offset_t va)
867 cpu_invlpg((void *)va);
871 * Used to map a range of physical addresses into kernel
872 * virtual address space.
874 * For now, VM is already on, we only need to map the
878 pmap_map(vm_offset_t virt, vm_paddr_t start, vm_paddr_t end, int prot)
880 while (start < end) {
881 pmap_kenter(virt, start);
890 * Add a list of wired pages to the kva
891 * this routine is only used for temporary
892 * kernel mappings that do not need to have
893 * page modification or references recorded.
894 * Note that old mappings are simply written
895 * over. The page *must* be wired.
898 pmap_qenter(vm_offset_t va, vm_page_t *m, int count)
902 end_va = va + count * PAGE_SIZE;
904 while (va < end_va) {
908 *pte = VM_PAGE_TO_PHYS(*m) | PG_RW | PG_V | pgeflag;
909 cpu_invlpg((void *)va);
914 smp_invltlb(); /* XXX */
919 pmap_qenter2(vm_offset_t va, vm_page_t *m, int count, cpumask_t *mask)
922 cpumask_t cmask = mycpu->gd_cpumask;
924 end_va = va + count * PAGE_SIZE;
926 while (va < end_va) {
931 * Install the new PTE. If the pte changed from the prior
932 * mapping we must reset the cpu mask and invalidate the page.
933 * If the pte is the same but we have not seen it on the
934 * current cpu, invlpg the existing mapping. Otherwise the
935 * entry is optimal and no invalidation is required.
938 pteval = VM_PAGE_TO_PHYS(*m) | PG_A | PG_RW | PG_V | pgeflag;
939 if (*pte != pteval) {
942 cpu_invlpg((void *)va);
943 } else if ((*mask & cmask) == 0) {
944 cpu_invlpg((void *)va);
953 * this routine jerks page mappings from the
954 * kernel -- it is meant only for temporary mappings.
957 pmap_qremove(vm_offset_t va, int count)
961 end_va = va + count*PAGE_SIZE;
963 while (va < end_va) {
968 cpu_invlpg((void *)va);
977 * This routine works like vm_page_lookup() but also blocks as long as the
978 * page is busy. This routine does not busy the page it returns.
980 * Unless the caller is managing objects whos pages are in a known state,
981 * the call should be made with a critical section held so the page's object
982 * association remains valid on return.
985 pmap_page_lookup(vm_object_t object, vm_pindex_t pindex)
990 m = vm_page_lookup(object, pindex);
991 } while (m && vm_page_sleep_busy(m, FALSE, "pplookp"));
997 * Create a new thread and optionally associate it with a (new) process.
998 * NOTE! the new thread's cpu may not equal the current cpu.
1001 pmap_init_thread(thread_t td)
1003 /* enforce pcb placement */
1004 td->td_pcb = (struct pcb *)(td->td_kstack + td->td_kstack_size) - 1;
1005 td->td_savefpu = &td->td_pcb->pcb_save;
1006 td->td_sp = (char *)td->td_pcb - 16;
1010 * This routine directly affects the fork perf for a process.
1013 pmap_init_proc(struct proc *p)
1018 * Dispose the UPAGES for a process that has exited.
1019 * This routine directly impacts the exit perf of a process.
1022 pmap_dispose_proc(struct proc *p)
1024 KASSERT(p->p_lock == 0, ("attempt to dispose referenced proc! %p", p));
1027 /***************************************************
1028 * Page table page management routines.....
1029 ***************************************************/
1032 * This routine unholds page table pages, and if the hold count
1033 * drops to zero, then it decrements the wire count.
1036 _pmap_unwire_pte_hold(pmap_t pmap, vm_page_t m, pmap_inval_info_t info)
1039 * Wait until we can busy the page ourselves. We cannot have
1040 * any active flushes if we block.
1042 if (m->flags & PG_BUSY) {
1043 pmap_inval_flush(info);
1044 while (vm_page_sleep_busy(m, FALSE, "pmuwpt"))
1047 KASSERT(m->queue == PQ_NONE,
1048 ("_pmap_unwire_pte_hold: %p->queue != PQ_NONE", m));
1050 if (m->hold_count == 1) {
1052 * Unmap the page table page
1055 pmap_inval_add(info, pmap, -1);
1056 pmap->pm_pdir[m->pindex] = 0;
1058 KKASSERT(pmap->pm_stats.resident_count > 0);
1059 --pmap->pm_stats.resident_count;
1061 if (pmap->pm_ptphint == m)
1062 pmap->pm_ptphint = NULL;
1065 * This was our last hold, the page had better be unwired
1066 * after we decrement wire_count.
1068 * FUTURE NOTE: shared page directory page could result in
1069 * multiple wire counts.
1073 KKASSERT(m->wire_count == 0);
1074 --vmstats.v_wire_count;
1075 vm_page_flag_clear(m, PG_MAPPED | PG_WRITEABLE);
1077 vm_page_free_zero(m);
1080 KKASSERT(m->hold_count > 1);
1086 static PMAP_INLINE int
1087 pmap_unwire_pte_hold(pmap_t pmap, vm_page_t m, pmap_inval_info_t info)
1089 KKASSERT(m->hold_count > 0);
1090 if (m->hold_count > 1) {
1094 return _pmap_unwire_pte_hold(pmap, m, info);
1099 * After removing a page table entry, this routine is used to
1100 * conditionally free the page, and manage the hold/wire counts.
1103 pmap_unuse_pt(pmap_t pmap, vm_offset_t va, vm_page_t mpte,
1104 pmap_inval_info_t info)
1106 vm_pindex_t ptepindex;
1107 if (va >= UPT_MIN_ADDRESS)
1111 ptepindex = (va >> PDRSHIFT);
1112 if (pmap->pm_ptphint &&
1113 (pmap->pm_ptphint->pindex == ptepindex)) {
1114 mpte = pmap->pm_ptphint;
1116 pmap_inval_flush(info);
1117 mpte = pmap_page_lookup( pmap->pm_pteobj, ptepindex);
1118 pmap->pm_ptphint = mpte;
1122 return pmap_unwire_pte_hold(pmap, mpte, info);
1126 * Initialize pmap0/vmspace0. This pmap is not added to pmap_list because
1127 * it, and IdlePTD, represents the template used to update all other pmaps.
1129 * On architectures where the kernel pmap is not integrated into the user
1130 * process pmap, this pmap represents the process pmap, not the kernel pmap.
1131 * kernel_pmap should be used to directly access the kernel_pmap.
1134 pmap_pinit0(struct pmap *pmap)
1137 (pd_entry_t *)kmem_alloc_pageable(&kernel_map, PAGE_SIZE);
1138 pmap_kenter((vm_offset_t)pmap->pm_pdir, (vm_offset_t) IdlePTD);
1140 pmap->pm_active = 0;
1141 pmap->pm_ptphint = NULL;
1142 TAILQ_INIT(&pmap->pm_pvlist);
1143 bzero(&pmap->pm_stats, sizeof pmap->pm_stats);
1147 * Initialize a preallocated and zeroed pmap structure,
1148 * such as one in a vmspace structure.
1151 pmap_pinit(struct pmap *pmap)
1156 * No need to allocate page table space yet but we do need a valid
1157 * page directory table.
1159 if (pmap->pm_pdir == NULL) {
1161 (pd_entry_t *)kmem_alloc_pageable(&kernel_map, PAGE_SIZE);
1165 * Allocate an object for the ptes
1167 if (pmap->pm_pteobj == NULL)
1168 pmap->pm_pteobj = vm_object_allocate(OBJT_DEFAULT, PTDPTDI + 1);
1171 * Allocate the page directory page, unless we already have
1172 * one cached. If we used the cached page the wire_count will
1173 * already be set appropriately.
1175 if ((ptdpg = pmap->pm_pdirm) == NULL) {
1176 ptdpg = vm_page_grab(pmap->pm_pteobj, PTDPTDI,
1177 VM_ALLOC_NORMAL | VM_ALLOC_RETRY);
1178 pmap->pm_pdirm = ptdpg;
1179 vm_page_flag_clear(ptdpg, PG_MAPPED | PG_BUSY);
1180 ptdpg->valid = VM_PAGE_BITS_ALL;
1181 ptdpg->wire_count = 1;
1182 ++vmstats.v_wire_count;
1183 pmap_kenter((vm_offset_t)pmap->pm_pdir, VM_PAGE_TO_PHYS(ptdpg));
1185 if ((ptdpg->flags & PG_ZERO) == 0)
1186 bzero(pmap->pm_pdir, PAGE_SIZE);
1188 pmap->pm_pdir[MPPTDI] = PTD[MPPTDI];
1190 /* install self-referential address mapping entry */
1191 *(pd_entry_t *) (pmap->pm_pdir + PTDPTDI) =
1192 VM_PAGE_TO_PHYS(ptdpg) | PG_V | PG_RW | PG_A | PG_M;
1195 pmap->pm_active = 0;
1196 pmap->pm_ptphint = NULL;
1197 TAILQ_INIT(&pmap->pm_pvlist);
1198 bzero(&pmap->pm_stats, sizeof pmap->pm_stats);
1199 pmap->pm_stats.resident_count = 1;
1203 * Clean up a pmap structure so it can be physically freed. This routine
1204 * is called by the vmspace dtor function. A great deal of pmap data is
1205 * left passively mapped to improve vmspace management so we have a bit
1206 * of cleanup work to do here.
1209 pmap_puninit(pmap_t pmap)
1213 KKASSERT(pmap->pm_active == 0);
1214 if ((p = pmap->pm_pdirm) != NULL) {
1215 KKASSERT(pmap->pm_pdir != NULL);
1216 pmap_kremove((vm_offset_t)pmap->pm_pdir);
1218 vmstats.v_wire_count--;
1219 KKASSERT((p->flags & PG_BUSY) == 0);
1221 vm_page_free_zero(p);
1222 pmap->pm_pdirm = NULL;
1224 if (pmap->pm_pdir) {
1225 kmem_free(&kernel_map, (vm_offset_t)pmap->pm_pdir, PAGE_SIZE);
1226 pmap->pm_pdir = NULL;
1228 if (pmap->pm_pteobj) {
1229 vm_object_deallocate(pmap->pm_pteobj);
1230 pmap->pm_pteobj = NULL;
1235 * Wire in kernel global address entries. To avoid a race condition
1236 * between pmap initialization and pmap_growkernel, this procedure
1237 * adds the pmap to the master list (which growkernel scans to update),
1238 * then copies the template.
1241 pmap_pinit2(struct pmap *pmap)
1244 TAILQ_INSERT_TAIL(&pmap_list, pmap, pm_pmnode);
1245 /* XXX copies current process, does not fill in MPPTDI */
1246 bcopy(PTD + KPTDI, pmap->pm_pdir + KPTDI, nkpt * PTESIZE);
1251 * Attempt to release and free a vm_page in a pmap. Returns 1 on success,
1252 * 0 on failure (if the procedure had to sleep).
1254 * When asked to remove the page directory page itself, we actually just
1255 * leave it cached so we do not have to incur the SMP inval overhead of
1256 * removing the kernel mapping. pmap_puninit() will take care of it.
1259 pmap_release_free_page(struct pmap *pmap, vm_page_t p)
1261 pd_entry_t *pde = (pd_entry_t *) pmap->pm_pdir;
1263 * This code optimizes the case of freeing non-busy
1264 * page-table pages. Those pages are zero now, and
1265 * might as well be placed directly into the zero queue.
1267 if (vm_page_sleep_busy(p, FALSE, "pmaprl"))
1273 * Remove the page table page from the processes address space.
1276 KKASSERT(pmap->pm_stats.resident_count > 0);
1277 --pmap->pm_stats.resident_count;
1279 if (p->hold_count) {
1280 panic("pmap_release: freeing held page table page");
1282 if (pmap->pm_ptphint && (pmap->pm_ptphint->pindex == p->pindex))
1283 pmap->pm_ptphint = NULL;
1286 * We leave the page directory page cached, wired, and mapped in
1287 * the pmap until the dtor function (pmap_puninit()) gets called.
1288 * However, still clean it up so we can set PG_ZERO.
1290 if (p->pindex == PTDPTDI) {
1291 bzero(pde + KPTDI, nkpt * PTESIZE);
1294 vm_page_flag_set(p, PG_ZERO);
1298 vmstats.v_wire_count--;
1299 vm_page_free_zero(p);
1305 * this routine is called if the page table page is not
1309 _pmap_allocpte(pmap_t pmap, vm_pindex_t ptepindex)
1311 vm_offset_t pteva, ptepa;
1315 * Find or fabricate a new pagetable page
1317 m = vm_page_grab(pmap->pm_pteobj, ptepindex,
1318 VM_ALLOC_NORMAL | VM_ALLOC_ZERO | VM_ALLOC_RETRY);
1320 KASSERT(m->queue == PQ_NONE,
1321 ("_pmap_allocpte: %p->queue != PQ_NONE", m));
1324 * Increment the hold count for the page we will be returning to
1330 * It is possible that someone else got in and mapped by the page
1331 * directory page while we were blocked, if so just unbusy and
1332 * return the held page.
1334 if ((ptepa = pmap->pm_pdir[ptepindex]) != 0) {
1335 KKASSERT((ptepa & PG_FRAME) == VM_PAGE_TO_PHYS(m));
1340 if (m->wire_count == 0)
1341 vmstats.v_wire_count++;
1346 * Map the pagetable page into the process address space, if
1347 * it isn't already there.
1350 ++pmap->pm_stats.resident_count;
1352 ptepa = VM_PAGE_TO_PHYS(m);
1353 pmap->pm_pdir[ptepindex] =
1354 (pd_entry_t) (ptepa | PG_U | PG_RW | PG_V | PG_A | PG_M);
1357 * Set the page table hint
1359 pmap->pm_ptphint = m;
1362 * Try to use the new mapping, but if we cannot, then
1363 * do it with the routine that maps the page explicitly.
1365 if ((m->flags & PG_ZERO) == 0) {
1366 if ((pmap->pm_pdir[PTDPTDI] & PG_FRAME) ==
1367 (((pd_entry_t) PTDpde) & PG_FRAME)) {
1368 pteva = UPT_MIN_ADDRESS + amd64_ptob(ptepindex);
1369 bzero((caddr_t) pteva, PAGE_SIZE);
1371 pmap_zero_page(ptepa);
1375 m->valid = VM_PAGE_BITS_ALL;
1376 vm_page_flag_clear(m, PG_ZERO);
1377 vm_page_flag_set(m, PG_MAPPED);
1384 pmap_allocpte(pmap_t pmap, vm_offset_t va)
1386 vm_pindex_t ptepindex;
1391 * Calculate pagetable page index
1393 ptepindex = va >> PDRSHIFT;
1396 * Get the page directory entry
1398 ptepa = (vm_offset_t) pmap->pm_pdir[ptepindex];
1401 * This supports switching from a 4MB page to a
1404 if (ptepa & PG_PS) {
1405 pmap->pm_pdir[ptepindex] = 0;
1412 * If the page table page is mapped, we just increment the
1413 * hold count, and activate it.
1417 * In order to get the page table page, try the
1420 if (pmap->pm_ptphint &&
1421 (pmap->pm_ptphint->pindex == ptepindex)) {
1422 m = pmap->pm_ptphint;
1424 m = pmap_page_lookup( pmap->pm_pteobj, ptepindex);
1425 pmap->pm_ptphint = m;
1431 * Here if the pte page isn't mapped, or if it has been deallocated.
1433 return _pmap_allocpte(pmap, ptepindex);
1437 /***************************************************
1438 * Pmap allocation/deallocation routines.
1439 ***************************************************/
1442 * Release any resources held by the given physical map.
1443 * Called when a pmap initialized by pmap_pinit is being released.
1444 * Should only be called if the map contains no valid mappings.
1446 static int pmap_release_callback(struct vm_page *p, void *data);
1449 pmap_release(struct pmap *pmap)
1451 vm_object_t object = pmap->pm_pteobj;
1452 struct rb_vm_page_scan_info info;
1454 KASSERT(pmap->pm_active == 0, ("pmap still active! %08x", pmap->pm_active));
1455 #if defined(DIAGNOSTIC)
1456 if (object->ref_count != 1)
1457 panic("pmap_release: pteobj reference count != 1");
1461 info.object = object;
1463 TAILQ_REMOVE(&pmap_list, pmap, pm_pmnode);
1470 info.limit = object->generation;
1472 vm_page_rb_tree_RB_SCAN(&object->rb_memq, NULL,
1473 pmap_release_callback, &info);
1474 if (info.error == 0 && info.mpte) {
1475 if (!pmap_release_free_page(pmap, info.mpte))
1479 } while (info.error);
1483 pmap_release_callback(struct vm_page *p, void *data)
1485 struct rb_vm_page_scan_info *info = data;
1487 if (p->pindex == PTDPTDI) {
1491 if (!pmap_release_free_page(info->pmap, p)) {
1495 if (info->object->generation != info->limit) {
1503 * Grow the number of kernel page table entries, if needed.
1507 pmap_growkernel(vm_offset_t addr)
1510 vm_offset_t ptppaddr;
1515 if (kernel_vm_end == 0) {
1516 kernel_vm_end = KERNBASE;
1518 while (pdir_pde(PTD, kernel_vm_end)) {
1519 kernel_vm_end = (kernel_vm_end + PAGE_SIZE * NPTEPG) & ~(PAGE_SIZE * NPTEPG - 1);
1523 addr = (addr + PAGE_SIZE * NPTEPG) & ~(PAGE_SIZE * NPTEPG - 1);
1524 while (kernel_vm_end < addr) {
1525 if (pdir_pde(PTD, kernel_vm_end)) {
1526 kernel_vm_end = (kernel_vm_end + PAGE_SIZE * NPTEPG) & ~(PAGE_SIZE * NPTEPG - 1);
1531 * This index is bogus, but out of the way
1533 nkpg = vm_page_alloc(kptobj, nkpt,
1534 VM_ALLOC_NORMAL | VM_ALLOC_SYSTEM | VM_ALLOC_INTERRUPT);
1536 panic("pmap_growkernel: no memory to grow kernel");
1539 ptppaddr = VM_PAGE_TO_PHYS(nkpg);
1540 pmap_zero_page(ptppaddr);
1541 newpdir = (pd_entry_t) (ptppaddr | PG_V | PG_RW | PG_A | PG_M);
1542 pdir_pde(PTD, kernel_vm_end) = newpdir;
1543 *pmap_pde(&kernel_pmap, kernel_vm_end) = newpdir;
1547 * This update must be interlocked with pmap_pinit2.
1549 TAILQ_FOREACH(pmap, &pmap_list, pm_pmnode) {
1550 *pmap_pde(pmap, kernel_vm_end) = newpdir;
1552 kernel_vm_end = (kernel_vm_end + PAGE_SIZE * NPTEPG) &
1553 ~(PAGE_SIZE * NPTEPG - 1);
1559 * Retire the given physical map from service.
1560 * Should only be called if the map contains
1561 * no valid mappings.
1564 pmap_destroy(pmap_t pmap)
1571 count = --pmap->pm_count;
1574 panic("destroying a pmap is not yet implemented");
1579 * Add a reference to the specified pmap.
1582 pmap_reference(pmap_t pmap)
1589 /***************************************************
1590 * page management routines.
1591 ***************************************************/
1594 * free the pv_entry back to the free list. This function may be
1595 * called from an interrupt.
1597 static PMAP_INLINE void
1598 free_pv_entry(pv_entry_t pv)
1605 * get a new pv_entry, allocating a block from the system
1606 * when needed. This function may be called from an interrupt.
1612 if (pv_entry_high_water &&
1613 (pv_entry_count > pv_entry_high_water) &&
1614 (pmap_pagedaemon_waken == 0)) {
1615 pmap_pagedaemon_waken = 1;
1616 wakeup (&vm_pages_needed);
1618 return zalloc(pvzone);
1622 * This routine is very drastic, but can save the system
1630 static int warningdone=0;
1632 if (pmap_pagedaemon_waken == 0)
1634 pmap_pagedaemon_waken = 0;
1636 if (warningdone < 5) {
1637 kprintf("pmap_collect: collecting pv entries -- suggest increasing PMAP_SHPGPERPROC\n");
1641 for(i = 0; i < vm_page_array_size; i++) {
1642 m = &vm_page_array[i];
1643 if (m->wire_count || m->hold_count || m->busy ||
1644 (m->flags & PG_BUSY))
1652 * If it is the first entry on the list, it is actually
1653 * in the header and we must copy the following entry up
1654 * to the header. Otherwise we must search the list for
1655 * the entry. In either case we free the now unused entry.
1658 pmap_remove_entry(struct pmap *pmap, vm_page_t m,
1659 vm_offset_t va, pmap_inval_info_t info)
1665 if (m->md.pv_list_count < pmap->pm_stats.resident_count) {
1666 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
1667 if (pmap == pv->pv_pmap && va == pv->pv_va)
1671 TAILQ_FOREACH(pv, &pmap->pm_pvlist, pv_plist) {
1672 if (va == pv->pv_va)
1679 TAILQ_REMOVE(&m->md.pv_list, pv, pv_list);
1680 m->md.pv_list_count--;
1681 if (TAILQ_EMPTY(&m->md.pv_list))
1682 vm_page_flag_clear(m, PG_MAPPED | PG_WRITEABLE);
1683 TAILQ_REMOVE(&pmap->pm_pvlist, pv, pv_plist);
1684 ++pmap->pm_generation;
1685 rtval = pmap_unuse_pt(pmap, va, pv->pv_ptem, info);
1693 * Create a pv entry for page at pa for
1697 pmap_insert_entry(pmap_t pmap, vm_offset_t va, vm_page_t mpte, vm_page_t m)
1702 pv = get_pv_entry();
1707 TAILQ_INSERT_TAIL(&pmap->pm_pvlist, pv, pv_plist);
1708 TAILQ_INSERT_TAIL(&m->md.pv_list, pv, pv_list);
1709 m->md.pv_list_count++;
1715 * pmap_remove_pte: do the things to unmap a page in a process
1718 pmap_remove_pte(struct pmap *pmap, pt_entry_t *ptq, vm_offset_t va,
1719 pmap_inval_info_t info)
1724 pmap_inval_add(info, pmap, va);
1725 oldpte = pte_load_clear(ptq);
1727 pmap->pm_stats.wired_count -= 1;
1729 * Machines that don't support invlpg, also don't support
1730 * PG_G. XXX PG_G is disabled for SMP so don't worry about
1734 cpu_invlpg((void *)va);
1735 KKASSERT(pmap->pm_stats.resident_count > 0);
1736 --pmap->pm_stats.resident_count;
1737 if (oldpte & PG_MANAGED) {
1738 m = PHYS_TO_VM_PAGE(oldpte);
1739 if (oldpte & PG_M) {
1740 #if defined(PMAP_DIAGNOSTIC)
1741 if (pmap_nw_modified((pt_entry_t) oldpte)) {
1743 "pmap_remove: modified page not writable: va: 0x%x, pte: 0x%x\n",
1747 if (pmap_track_modified(va))
1751 vm_page_flag_set(m, PG_REFERENCED);
1752 return pmap_remove_entry(pmap, m, va, info);
1754 return pmap_unuse_pt(pmap, va, NULL, info);
1763 * Remove a single page from a process address space.
1765 * This function may not be called from an interrupt if the pmap is
1769 pmap_remove_page(struct pmap *pmap, vm_offset_t va, pmap_inval_info_t info)
1774 * if there is no pte for this address, just skip it!!! Otherwise
1775 * get a local va for mappings for this pmap and remove the entry.
1777 if (*pmap_pde(pmap, va) != 0) {
1778 ptq = get_ptbase(pmap) + amd64_btop(va);
1780 pmap_remove_pte(pmap, ptq, va, info);
1788 * Remove the given range of addresses from the specified map.
1790 * It is assumed that the start and end are properly
1791 * rounded to the page size.
1793 * This function may not be called from an interrupt if the pmap is
1797 pmap_remove(struct pmap *pmap, vm_offset_t sva, vm_offset_t eva)
1801 vm_offset_t ptpaddr;
1802 vm_offset_t sindex, eindex;
1803 struct pmap_inval_info info;
1808 if (pmap->pm_stats.resident_count == 0)
1811 pmap_inval_init(&info);
1814 * special handling of removing one page. a very
1815 * common operation and easy to short circuit some
1818 if (((sva + PAGE_SIZE) == eva) &&
1819 ((pmap->pm_pdir[(sva >> PDRSHIFT)] & PG_PS) == 0)) {
1820 pmap_remove_page(pmap, sva, &info);
1821 pmap_inval_flush(&info);
1826 * Get a local virtual address for the mappings that are being
1829 sindex = amd64_btop(sva);
1830 eindex = amd64_btop(eva);
1832 for (; sindex < eindex; sindex = pdnxt) {
1833 vm_pindex_t pdirindex;
1836 * Calculate index for next page table.
1838 pdnxt = ((sindex + NPTEPG) & ~(NPTEPG - 1));
1839 if (pmap->pm_stats.resident_count == 0)
1842 pdirindex = sindex / NPDEPG;
1843 if (((ptpaddr = pmap->pm_pdir[pdirindex]) & PG_PS) != 0) {
1844 pmap_inval_add(&info, pmap, -1);
1845 pmap->pm_pdir[pdirindex] = 0;
1846 pmap->pm_stats.resident_count -= NBPDR / PAGE_SIZE;
1851 * Weed out invalid mappings. Note: we assume that the page
1852 * directory table is always allocated, and in kernel virtual.
1858 * Limit our scan to either the end of the va represented
1859 * by the current page table page, or to the end of the
1860 * range being removed.
1862 if (pdnxt > eindex) {
1867 * NOTE: pmap_remove_pte() can block.
1869 for (; sindex != pdnxt; sindex++) {
1872 ptbase = get_ptbase(pmap);
1873 if (ptbase[sindex] == 0)
1875 va = amd64_ptob(sindex);
1876 if (pmap_remove_pte(pmap, ptbase + sindex, va, &info))
1880 pmap_inval_flush(&info);
1886 * Removes this physical page from all physical maps in which it resides.
1887 * Reflects back modify bits to the pager.
1889 * This routine may not be called from an interrupt.
1893 pmap_remove_all(vm_page_t m)
1895 struct pmap_inval_info info;
1896 pt_entry_t *pte, tpte;
1899 if (!pmap_initialized || (m->flags & PG_FICTITIOUS))
1902 pmap_inval_init(&info);
1904 while ((pv = TAILQ_FIRST(&m->md.pv_list)) != NULL) {
1905 KKASSERT(pv->pv_pmap->pm_stats.resident_count > 0);
1906 --pv->pv_pmap->pm_stats.resident_count;
1908 pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
1909 pmap_inval_add(&info, pv->pv_pmap, pv->pv_va);
1910 tpte = pte_load_clear(pte);
1913 pv->pv_pmap->pm_stats.wired_count--;
1916 vm_page_flag_set(m, PG_REFERENCED);
1919 * Update the vm_page_t clean and reference bits.
1922 #if defined(PMAP_DIAGNOSTIC)
1923 if (pmap_nw_modified((pt_entry_t) tpte)) {
1925 "pmap_remove_all: modified page not writable: va: 0x%x, pte: 0x%x\n",
1929 if (pmap_track_modified(pv->pv_va))
1932 TAILQ_REMOVE(&m->md.pv_list, pv, pv_list);
1933 TAILQ_REMOVE(&pv->pv_pmap->pm_pvlist, pv, pv_plist);
1934 ++pv->pv_pmap->pm_generation;
1935 m->md.pv_list_count--;
1936 if (TAILQ_EMPTY(&m->md.pv_list))
1937 vm_page_flag_clear(m, PG_MAPPED | PG_WRITEABLE);
1938 pmap_unuse_pt(pv->pv_pmap, pv->pv_va, pv->pv_ptem, &info);
1942 KKASSERT((m->flags & (PG_MAPPED|PG_WRITEABLE)) == 0);
1943 pmap_inval_flush(&info);
1949 * Set the physical protection on the specified range of this map
1952 * This function may not be called from an interrupt if the map is
1953 * not the kernel_pmap.
1956 pmap_protect(pmap_t pmap, vm_offset_t sva, vm_offset_t eva, vm_prot_t prot)
1959 vm_offset_t pdnxt, ptpaddr;
1960 vm_pindex_t sindex, eindex;
1961 pmap_inval_info info;
1966 if ((prot & VM_PROT_READ) == VM_PROT_NONE) {
1967 pmap_remove(pmap, sva, eva);
1971 if (prot & VM_PROT_WRITE)
1974 pmap_inval_init(&info);
1976 ptbase = get_ptbase(pmap);
1978 sindex = amd64_btop(sva);
1979 eindex = amd64_btop(eva);
1981 for (; sindex < eindex; sindex = pdnxt) {
1983 vm_pindex_t pdirindex;
1985 pdnxt = ((sindex + NPTEPG) & ~(NPTEPG - 1));
1987 pdirindex = sindex / NPDEPG;
1988 if (((ptpaddr = pmap->pm_pdir[pdirindex]) & PG_PS) != 0) {
1989 pmap_inval_add(&info, pmap, -1);
1990 pmap->pm_pdir[pdirindex] &= ~(PG_M|PG_RW);
1991 pmap->pm_stats.resident_count -= NBPDR / PAGE_SIZE;
1996 * Weed out invalid mappings. Note: we assume that the page
1997 * directory table is always allocated, and in kernel virtual.
2002 if (pdnxt > eindex) {
2006 for (; sindex != pdnxt; sindex++) {
2012 * XXX non-optimal. Note also that there can be
2013 * no pmap_inval_flush() calls until after we modify
2014 * ptbase[sindex] (or otherwise we have to do another
2015 * pmap_inval_add() call).
2017 pmap_inval_add(&info, pmap, amd64_ptob(sindex));
2018 pbits = ptbase[sindex];
2020 if (pbits & PG_MANAGED) {
2023 m = PHYS_TO_VM_PAGE(pbits);
2024 vm_page_flag_set(m, PG_REFERENCED);
2028 if (pmap_track_modified(amd64_ptob(sindex))) {
2030 m = PHYS_TO_VM_PAGE(pbits);
2039 if (pbits != ptbase[sindex]) {
2040 ptbase[sindex] = pbits;
2044 pmap_inval_flush(&info);
2048 * Insert the given physical page (p) at
2049 * the specified virtual address (v) in the
2050 * target physical map with the protection requested.
2052 * If specified, the page will be wired down, meaning
2053 * that the related pte can not be reclaimed.
2055 * NB: This is the only routine which MAY NOT lazy-evaluate
2056 * or lose information. That is, this routine must actually
2057 * insert this page into the given map NOW.
2060 pmap_enter(pmap_t pmap, vm_offset_t va, vm_page_t m, vm_prot_t prot,
2066 vm_offset_t origpte, newpte;
2068 pmap_inval_info info;
2074 #ifdef PMAP_DIAGNOSTIC
2076 panic("pmap_enter: toobig");
2077 if ((va >= UPT_MIN_ADDRESS) && (va < UPT_MAX_ADDRESS))
2078 panic("pmap_enter: invalid to pmap_enter page table pages (va: 0x%x)", va);
2080 if (va < UPT_MAX_ADDRESS && pmap == &kernel_pmap) {
2081 kprintf("Warning: pmap_enter called on UVA with kernel_pmap\n");
2084 if (va >= UPT_MAX_ADDRESS && pmap != &kernel_pmap) {
2085 kprintf("Warning: pmap_enter called on KVA without kernel_pmap\n");
2090 * In the case that a page table page is not
2091 * resident, we are creating it here.
2093 if (va < UPT_MIN_ADDRESS)
2094 mpte = pmap_allocpte(pmap, va);
2098 pmap_inval_init(&info);
2099 pte = pmap_pte(pmap, va);
2102 * Page Directory table entry not valid, we need a new PT page
2105 panic("pmap_enter: invalid page directory pdir=%x, va=0x%x\n",
2106 pmap->pm_pdir[PTDPTDI], va);
2109 pa = VM_PAGE_TO_PHYS(m) & PG_FRAME;
2110 origpte = *(vm_offset_t *)pte;
2111 opa = origpte & PG_FRAME;
2113 if (origpte & PG_PS)
2114 panic("pmap_enter: attempted pmap_enter on 4MB page");
2117 * Mapping has not changed, must be protection or wiring change.
2119 if (origpte && (opa == pa)) {
2121 * Wiring change, just update stats. We don't worry about
2122 * wiring PT pages as they remain resident as long as there
2123 * are valid mappings in them. Hence, if a user page is wired,
2124 * the PT page will be also.
2126 if (wired && ((origpte & PG_W) == 0))
2127 pmap->pm_stats.wired_count++;
2128 else if (!wired && (origpte & PG_W))
2129 pmap->pm_stats.wired_count--;
2131 #if defined(PMAP_DIAGNOSTIC)
2132 if (pmap_nw_modified((pt_entry_t) origpte)) {
2134 "pmap_enter: modified page not writable: va: 0x%x, pte: 0x%x\n",
2140 * Remove the extra pte reference. Note that we cannot
2141 * optimize the RO->RW case because we have adjusted the
2142 * wiring count above and may need to adjust the wiring
2149 * We might be turning off write access to the page,
2150 * so we go ahead and sense modify status.
2152 if (origpte & PG_MANAGED) {
2153 if ((origpte & PG_M) && pmap_track_modified(va)) {
2155 om = PHYS_TO_VM_PAGE(opa);
2159 KKASSERT(m->flags & PG_MAPPED);
2164 * Mapping has changed, invalidate old range and fall through to
2165 * handle validating new mapping.
2169 err = pmap_remove_pte(pmap, pte, va, &info);
2171 panic("pmap_enter: pte vanished, va: 0x%x", va);
2175 * Enter on the PV list if part of our managed memory. Note that we
2176 * raise IPL while manipulating pv_table since pmap_enter can be
2177 * called at interrupt time.
2179 if (pmap_initialized &&
2180 (m->flags & (PG_FICTITIOUS|PG_UNMANAGED)) == 0) {
2181 pmap_insert_entry(pmap, va, mpte, m);
2183 vm_page_flag_set(m, PG_MAPPED);
2187 * Increment counters
2189 ++pmap->pm_stats.resident_count;
2191 pmap->pm_stats.wired_count++;
2195 * Now validate mapping with desired protection/wiring.
2197 newpte = (vm_offset_t) (pa | pte_prot(pmap, prot) | PG_V);
2201 if (va < UPT_MIN_ADDRESS)
2203 if (pmap == &kernel_pmap)
2207 * if the mapping or permission bits are different, we need
2208 * to update the pte.
2210 if ((origpte & ~(PG_M|PG_A)) != newpte) {
2211 pmap_inval_add(&info, pmap, va);
2212 *pte = newpte | PG_A;
2214 vm_page_flag_set(m, PG_WRITEABLE);
2216 KKASSERT((newpte & PG_MANAGED) == 0 || (m->flags & PG_MAPPED));
2217 pmap_inval_flush(&info);
2221 * This code works like pmap_enter() but assumes VM_PROT_READ and not-wired.
2222 * This code also assumes that the pmap has no pre-existing entry for this
2225 * This code currently may only be used on user pmaps, not kernel_pmap.
2228 pmap_enter_quick(pmap_t pmap, vm_offset_t va, vm_page_t m)
2233 vm_pindex_t ptepindex;
2235 pmap_inval_info info;
2237 pmap_inval_init(&info);
2239 if (va < UPT_MAX_ADDRESS && pmap == &kernel_pmap) {
2240 kprintf("Warning: pmap_enter_quick called on UVA with kernel_pmap\n");
2243 if (va >= UPT_MAX_ADDRESS && pmap != &kernel_pmap) {
2244 kprintf("Warning: pmap_enter_quick called on KVA without kernel_pmap\n");
2248 KKASSERT(va < UPT_MIN_ADDRESS); /* assert used on user pmaps only */
2251 * Calculate the page table page (mpte), allocating it if necessary.
2253 * A held page table page (mpte), or NULL, is passed onto the
2254 * section following.
2256 if (va < UPT_MIN_ADDRESS) {
2258 * Calculate pagetable page index
2260 ptepindex = va >> PDRSHIFT;
2264 * Get the page directory entry
2266 ptepa = (vm_offset_t) pmap->pm_pdir[ptepindex];
2269 * If the page table page is mapped, we just increment
2270 * the hold count, and activate it.
2274 panic("pmap_enter_quick: unexpected mapping into 4MB page");
2275 if (pmap->pm_ptphint &&
2276 (pmap->pm_ptphint->pindex == ptepindex)) {
2277 mpte = pmap->pm_ptphint;
2279 mpte = pmap_page_lookup( pmap->pm_pteobj, ptepindex);
2280 pmap->pm_ptphint = mpte;
2285 mpte = _pmap_allocpte(pmap, ptepindex);
2287 } while (mpte == NULL);
2290 /* this code path is not yet used */
2294 * With a valid (and held) page directory page, we can just use
2295 * vtopte() to get to the pte. If the pte is already present
2296 * we do not disturb it.
2301 pmap_unwire_pte_hold(pmap, mpte, &info);
2302 pa = VM_PAGE_TO_PHYS(m);
2303 KKASSERT(((*pte ^ pa) & PG_FRAME) == 0);
2308 * Enter on the PV list if part of our managed memory
2310 if ((m->flags & (PG_FICTITIOUS|PG_UNMANAGED)) == 0) {
2311 pmap_insert_entry(pmap, va, mpte, m);
2312 vm_page_flag_set(m, PG_MAPPED);
2316 * Increment counters
2318 ++pmap->pm_stats.resident_count;
2320 pa = VM_PAGE_TO_PHYS(m);
2323 * Now validate mapping with RO protection
2325 if (m->flags & (PG_FICTITIOUS|PG_UNMANAGED))
2326 *pte = pa | PG_V | PG_U;
2328 *pte = pa | PG_V | PG_U | PG_MANAGED;
2329 /* pmap_inval_add(&info, pmap, va); shouldn't be needed inval->valid */
2330 pmap_inval_flush(&info);
2334 * Make a temporary mapping for a physical address. This is only intended
2335 * to be used for panic dumps.
2338 pmap_kenter_temporary(vm_paddr_t pa, int i)
2340 pmap_kenter((vm_offset_t)crashdumpmap + (i * PAGE_SIZE), pa);
2341 return ((void *)crashdumpmap);
2344 #define MAX_INIT_PT (96)
2347 * This routine preloads the ptes for a given object into the specified pmap.
2348 * This eliminates the blast of soft faults on process startup and
2349 * immediately after an mmap.
2351 static int pmap_object_init_pt_callback(vm_page_t p, void *data);
2354 pmap_object_init_pt(pmap_t pmap, vm_offset_t addr, vm_prot_t prot,
2355 vm_object_t object, vm_pindex_t pindex,
2356 vm_size_t size, int limit)
2358 struct rb_vm_page_scan_info info;
2363 * We can't preinit if read access isn't set or there is no pmap
2366 if ((prot & VM_PROT_READ) == 0 || pmap == NULL || object == NULL)
2370 * We can't preinit if the pmap is not the current pmap
2372 lp = curthread->td_lwp;
2373 if (lp == NULL || pmap != vmspace_pmap(lp->lwp_vmspace))
2376 psize = amd64_btop(size);
2378 if ((object->type != OBJT_VNODE) ||
2379 ((limit & MAP_PREFAULT_PARTIAL) && (psize > MAX_INIT_PT) &&
2380 (object->resident_page_count > MAX_INIT_PT))) {
2384 if (psize + pindex > object->size) {
2385 if (object->size < pindex)
2387 psize = object->size - pindex;
2394 * Use a red-black scan to traverse the requested range and load
2395 * any valid pages found into the pmap.
2397 * We cannot safely scan the object's memq unless we are in a
2398 * critical section since interrupts can remove pages from objects.
2400 info.start_pindex = pindex;
2401 info.end_pindex = pindex + psize - 1;
2408 vm_page_rb_tree_RB_SCAN(&object->rb_memq, rb_vm_page_scancmp,
2409 pmap_object_init_pt_callback, &info);
2415 pmap_object_init_pt_callback(vm_page_t p, void *data)
2417 struct rb_vm_page_scan_info *info = data;
2418 vm_pindex_t rel_index;
2420 * don't allow an madvise to blow away our really
2421 * free pages allocating pv entries.
2423 if ((info->limit & MAP_PREFAULT_MADVISE) &&
2424 vmstats.v_free_count < vmstats.v_free_reserved) {
2427 if (((p->valid & VM_PAGE_BITS_ALL) == VM_PAGE_BITS_ALL) &&
2428 (p->busy == 0) && (p->flags & (PG_BUSY | PG_FICTITIOUS)) == 0) {
2429 if ((p->queue - p->pc) == PQ_CACHE)
2430 vm_page_deactivate(p);
2432 rel_index = p->pindex - info->start_pindex;
2433 pmap_enter_quick(info->pmap,
2434 info->addr + amd64_ptob(rel_index), p);
2441 * pmap_prefault provides a quick way of clustering pagefaults into a
2442 * processes address space. It is a "cousin" of pmap_object_init_pt,
2443 * except it runs at page fault time instead of mmap time.
2447 #define PAGEORDER_SIZE (PFBAK+PFFOR)
2449 static int pmap_prefault_pageorder[] = {
2450 -PAGE_SIZE, PAGE_SIZE,
2451 -2 * PAGE_SIZE, 2 * PAGE_SIZE,
2452 -3 * PAGE_SIZE, 3 * PAGE_SIZE,
2453 -4 * PAGE_SIZE, 4 * PAGE_SIZE
2457 pmap_prefault(pmap_t pmap, vm_offset_t addra, vm_map_entry_t entry)
2468 * We do not currently prefault mappings that use virtual page
2469 * tables. We do not prefault foreign pmaps.
2471 if (entry->maptype == VM_MAPTYPE_VPAGETABLE)
2473 lp = curthread->td_lwp;
2474 if (lp == NULL || (pmap != vmspace_pmap(lp->lwp_vmspace)))
2477 object = entry->object.vm_object;
2479 starta = addra - PFBAK * PAGE_SIZE;
2480 if (starta < entry->start)
2481 starta = entry->start;
2482 else if (starta > addra)
2486 * critical section protection is required to maintain the
2487 * page/object association, interrupts can free pages and remove
2488 * them from their objects.
2491 for (i = 0; i < PAGEORDER_SIZE; i++) {
2492 vm_object_t lobject;
2495 addr = addra + pmap_prefault_pageorder[i];
2496 if (addr > addra + (PFFOR * PAGE_SIZE))
2499 if (addr < starta || addr >= entry->end)
2502 if ((*pmap_pde(pmap, addr)) == 0)
2509 pindex = ((addr - entry->start) + entry->offset) >> PAGE_SHIFT;
2512 for (m = vm_page_lookup(lobject, pindex);
2513 (!m && (lobject->type == OBJT_DEFAULT) &&
2514 (lobject->backing_object));
2515 lobject = lobject->backing_object
2517 if (lobject->backing_object_offset & PAGE_MASK)
2519 pindex += (lobject->backing_object_offset >> PAGE_SHIFT);
2520 m = vm_page_lookup(lobject->backing_object, pindex);
2524 * give-up when a page is not in memory
2529 if (((m->valid & VM_PAGE_BITS_ALL) == VM_PAGE_BITS_ALL) &&
2531 (m->flags & (PG_BUSY | PG_FICTITIOUS)) == 0) {
2533 if ((m->queue - m->pc) == PQ_CACHE) {
2534 vm_page_deactivate(m);
2537 pmap_enter_quick(pmap, addr, m);
2545 * Routine: pmap_change_wiring
2546 * Function: Change the wiring attribute for a map/virtual-address
2548 * In/out conditions:
2549 * The mapping must already exist in the pmap.
2552 pmap_change_wiring(pmap_t pmap, vm_offset_t va, boolean_t wired)
2559 pte = pmap_pte(pmap, va);
2561 if (wired && !pmap_pte_w(pte))
2562 pmap->pm_stats.wired_count++;
2563 else if (!wired && pmap_pte_w(pte))
2564 pmap->pm_stats.wired_count--;
2567 * Wiring is not a hardware characteristic so there is no need to
2568 * invalidate TLB. However, in an SMP environment we must use
2569 * a locked bus cycle to update the pte (if we are not using
2570 * the pmap_inval_*() API that is)... it's ok to do this for simple
2575 atomic_set_int(pte, PG_W);
2577 atomic_clear_int(pte, PG_W);
2580 atomic_set_int_nonlocked(pte, PG_W);
2582 atomic_clear_int_nonlocked(pte, PG_W);
2589 * Copy the range specified by src_addr/len
2590 * from the source map to the range dst_addr/len
2591 * in the destination map.
2593 * This routine is only advisory and need not do anything.
2596 pmap_copy(pmap_t dst_pmap, pmap_t src_pmap, vm_offset_t dst_addr,
2597 vm_size_t len, vm_offset_t src_addr)
2599 pmap_inval_info info;
2601 vm_offset_t end_addr = src_addr + len;
2603 pd_entry_t src_frame, dst_frame;
2606 if (dst_addr != src_addr)
2609 * XXX BUGGY. Amoung other things srcmpte is assumed to remain
2610 * valid through blocking calls, and that's just not going to
2617 src_frame = src_pmap->pm_pdir[PTDPTDI] & PG_FRAME;
2618 if (src_frame != (PTDpde & PG_FRAME)) {
2622 dst_frame = dst_pmap->pm_pdir[PTDPTDI] & PG_FRAME;
2623 if (dst_frame != (APTDpde & PG_FRAME)) {
2624 APTDpde = (pd_entry_t) (dst_frame | PG_RW | PG_V);
2625 /* The page directory is not shared between CPUs */
2628 pmap_inval_init(&info);
2629 pmap_inval_add(&info, dst_pmap, -1);
2630 pmap_inval_add(&info, src_pmap, -1);
2633 * critical section protection is required to maintain the page/object
2634 * association, interrupts can free pages and remove them from
2638 for (addr = src_addr; addr < end_addr; addr = pdnxt) {
2639 pt_entry_t *src_pte, *dst_pte;
2640 vm_page_t dstmpte, srcmpte;
2641 vm_offset_t srcptepaddr;
2642 vm_pindex_t ptepindex;
2644 if (addr >= UPT_MIN_ADDRESS)
2645 panic("pmap_copy: invalid to pmap_copy page tables\n");
2648 * Don't let optional prefaulting of pages make us go
2649 * way below the low water mark of free pages or way
2650 * above high water mark of used pv entries.
2652 if (vmstats.v_free_count < vmstats.v_free_reserved ||
2653 pv_entry_count > pv_entry_high_water)
2656 pdnxt = ((addr + PAGE_SIZE*NPTEPG) & ~(PAGE_SIZE*NPTEPG - 1));
2657 ptepindex = addr >> PDRSHIFT;
2659 srcptepaddr = (vm_offset_t) src_pmap->pm_pdir[ptepindex];
2660 if (srcptepaddr == 0)
2663 if (srcptepaddr & PG_PS) {
2664 if (dst_pmap->pm_pdir[ptepindex] == 0) {
2665 dst_pmap->pm_pdir[ptepindex] = (pd_entry_t) srcptepaddr;
2666 dst_pmap->pm_stats.resident_count += NBPDR / PAGE_SIZE;
2671 srcmpte = vm_page_lookup(src_pmap->pm_pteobj, ptepindex);
2672 if ((srcmpte == NULL) || (srcmpte->hold_count == 0) ||
2673 (srcmpte->flags & PG_BUSY)) {
2677 if (pdnxt > end_addr)
2680 src_pte = vtopte(addr);
2681 dst_pte = avtopte(addr);
2682 while (addr < pdnxt) {
2687 * we only virtual copy managed pages
2689 if ((ptetemp & PG_MANAGED) != 0) {
2691 * We have to check after allocpte for the
2692 * pte still being around... allocpte can
2695 * pmap_allocpte() can block. If we lose
2696 * our page directory mappings we stop.
2698 dstmpte = pmap_allocpte(dst_pmap, addr);
2700 if (src_frame != (PTDpde & PG_FRAME) ||
2701 dst_frame != (APTDpde & PG_FRAME)
2703 kprintf("WARNING: pmap_copy: detected and corrected race\n");
2704 pmap_unwire_pte_hold(dst_pmap, dstmpte, &info);
2706 } else if ((*dst_pte == 0) &&
2707 (ptetemp = *src_pte) != 0 &&
2708 (ptetemp & PG_MANAGED)) {
2710 * Clear the modified and
2711 * accessed (referenced) bits
2714 m = PHYS_TO_VM_PAGE(ptetemp);
2715 *dst_pte = ptetemp & ~(PG_M | PG_A);
2716 ++dst_pmap->pm_stats.resident_count;
2717 pmap_insert_entry(dst_pmap, addr,
2719 KKASSERT(m->flags & PG_MAPPED);
2721 kprintf("WARNING: pmap_copy: dst_pte race detected and corrected\n");
2722 pmap_unwire_pte_hold(dst_pmap, dstmpte, &info);
2725 if (dstmpte->hold_count >= srcmpte->hold_count)
2735 pmap_inval_flush(&info);
2741 * Zero the specified PA by mapping the page into KVM and clearing its
2744 * This function may be called from an interrupt and no locking is
2748 pmap_zero_page(vm_paddr_t phys)
2750 struct mdglobaldata *gd = mdcpu;
2754 panic("pmap_zero_page: CMAP3 busy");
2756 PG_V | PG_RW | (phys & PG_FRAME) | PG_A | PG_M;
2757 cpu_invlpg(gd->gd_CADDR3);
2759 #if defined(I686_CPU)
2760 if (cpu_class == CPUCLASS_686)
2761 i686_pagezero(gd->gd_CADDR3);
2764 bzero(gd->gd_CADDR3, PAGE_SIZE);
2770 * pmap_page_assertzero:
2772 * Assert that a page is empty, panic if it isn't.
2775 pmap_page_assertzero(vm_paddr_t phys)
2777 struct mdglobaldata *gd = mdcpu;
2782 panic("pmap_zero_page: CMAP3 busy");
2784 PG_V | PG_RW | (phys & PG_FRAME) | PG_A | PG_M;
2785 cpu_invlpg(gd->gd_CADDR3);
2786 for (i = 0; i < PAGE_SIZE; i += sizeof(int)) {
2787 if (*(int *)((char *)gd->gd_CADDR3 + i) != 0) {
2788 panic("pmap_page_assertzero() @ %p not zero!\n",
2789 (void *)gd->gd_CADDR3);
2799 * Zero part of a physical page by mapping it into memory and clearing
2800 * its contents with bzero.
2802 * off and size may not cover an area beyond a single hardware page.
2805 pmap_zero_page_area(vm_paddr_t phys, int off, int size)
2807 struct mdglobaldata *gd = mdcpu;
2811 panic("pmap_zero_page: CMAP3 busy");
2812 *gd->gd_CMAP3 = PG_V | PG_RW | (phys & PG_FRAME) | PG_A | PG_M;
2813 cpu_invlpg(gd->gd_CADDR3);
2815 #if defined(I686_CPU)
2816 if (cpu_class == CPUCLASS_686 && off == 0 && size == PAGE_SIZE)
2817 i686_pagezero(gd->gd_CADDR3);
2820 bzero((char *)gd->gd_CADDR3 + off, size);
2828 * Copy the physical page from the source PA to the target PA.
2829 * This function may be called from an interrupt. No locking
2833 pmap_copy_page(vm_paddr_t src, vm_paddr_t dst)
2835 struct mdglobaldata *gd = mdcpu;
2839 panic("pmap_copy_page: CMAP1 busy");
2841 panic("pmap_copy_page: CMAP2 busy");
2843 *gd->gd_CMAP1 = PG_V | (src & PG_FRAME) | PG_A;
2844 *gd->gd_CMAP2 = PG_V | PG_RW | (dst & PG_FRAME) | PG_A | PG_M;
2846 cpu_invlpg(gd->gd_CADDR1);
2847 cpu_invlpg(gd->gd_CADDR2);
2849 bcopy(gd->gd_CADDR1, gd->gd_CADDR2, PAGE_SIZE);
2857 * pmap_copy_page_frag:
2859 * Copy the physical page from the source PA to the target PA.
2860 * This function may be called from an interrupt. No locking
2864 pmap_copy_page_frag(vm_paddr_t src, vm_paddr_t dst, size_t bytes)
2866 struct mdglobaldata *gd = mdcpu;
2870 panic("pmap_copy_page: CMAP1 busy");
2872 panic("pmap_copy_page: CMAP2 busy");
2874 *gd->gd_CMAP1 = PG_V | (src & PG_FRAME) | PG_A;
2875 *gd->gd_CMAP2 = PG_V | PG_RW | (dst & PG_FRAME) | PG_A | PG_M;
2877 cpu_invlpg(gd->gd_CADDR1);
2878 cpu_invlpg(gd->gd_CADDR2);
2880 bcopy((char *)gd->gd_CADDR1 + (src & PAGE_MASK),
2881 (char *)gd->gd_CADDR2 + (dst & PAGE_MASK),
2890 * Returns true if the pmap's pv is one of the first
2891 * 16 pvs linked to from this page. This count may
2892 * be changed upwards or downwards in the future; it
2893 * is only necessary that true be returned for a small
2894 * subset of pmaps for proper page aging.
2897 pmap_page_exists_quick(pmap_t pmap, vm_page_t m)
2902 if (!pmap_initialized || (m->flags & PG_FICTITIOUS))
2907 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
2908 if (pv->pv_pmap == pmap) {
2921 * Remove all pages from specified address space
2922 * this aids process exit speeds. Also, this code
2923 * is special cased for current process only, but
2924 * can have the more generic (and slightly slower)
2925 * mode enabled. This is much faster than pmap_remove
2926 * in the case of running down an entire address space.
2929 pmap_remove_pages(pmap_t pmap, vm_offset_t sva, vm_offset_t eva)
2932 pt_entry_t *pte, tpte;
2935 pmap_inval_info info;
2937 int32_t save_generation;
2939 lp = curthread->td_lwp;
2940 if (lp && pmap == vmspace_pmap(lp->lwp_vmspace))
2945 pmap_inval_init(&info);
2947 for (pv = TAILQ_FIRST(&pmap->pm_pvlist); pv; pv = npv) {
2948 if (pv->pv_va >= eva || pv->pv_va < sva) {
2949 npv = TAILQ_NEXT(pv, pv_plist);
2953 KKASSERT(pmap == pv->pv_pmap);
2956 pte = vtopte(pv->pv_va);
2958 pte = pmap_pte_quick(pmap, pv->pv_va);
2959 if (pmap->pm_active)
2960 pmap_inval_add(&info, pmap, pv->pv_va);
2963 * We cannot remove wired pages from a process' mapping
2967 npv = TAILQ_NEXT(pv, pv_plist);
2970 tpte = pte_load_clear(pte);
2972 m = PHYS_TO_VM_PAGE(tpte);
2974 KASSERT(m < &vm_page_array[vm_page_array_size],
2975 ("pmap_remove_pages: bad tpte %x", tpte));
2977 KKASSERT(pmap->pm_stats.resident_count > 0);
2978 --pmap->pm_stats.resident_count;
2981 * Update the vm_page_t clean and reference bits.
2987 npv = TAILQ_NEXT(pv, pv_plist);
2988 TAILQ_REMOVE(&pmap->pm_pvlist, pv, pv_plist);
2989 save_generation = ++pmap->pm_generation;
2991 m->md.pv_list_count--;
2992 TAILQ_REMOVE(&m->md.pv_list, pv, pv_list);
2993 if (TAILQ_EMPTY(&m->md.pv_list))
2994 vm_page_flag_clear(m, PG_MAPPED | PG_WRITEABLE);
2996 pmap_unuse_pt(pmap, pv->pv_va, pv->pv_ptem, &info);
3000 * Restart the scan if we blocked during the unuse or free
3001 * calls and other removals were made.
3003 if (save_generation != pmap->pm_generation) {
3004 kprintf("Warning: pmap_remove_pages race-A avoided\n");
3005 pv = TAILQ_FIRST(&pmap->pm_pvlist);
3008 pmap_inval_flush(&info);
3013 * pmap_testbit tests bits in pte's
3014 * note that the testbit/clearbit routines are inline,
3015 * and a lot of things compile-time evaluate.
3018 pmap_testbit(vm_page_t m, int bit)
3023 if (!pmap_initialized || (m->flags & PG_FICTITIOUS))
3026 if (TAILQ_FIRST(&m->md.pv_list) == NULL)
3031 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
3033 * if the bit being tested is the modified bit, then
3034 * mark clean_map and ptes as never
3037 if (bit & (PG_A|PG_M)) {
3038 if (!pmap_track_modified(pv->pv_va))
3042 #if defined(PMAP_DIAGNOSTIC)
3044 kprintf("Null pmap (tb) at va: 0x%x\n", pv->pv_va);
3048 pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
3059 * this routine is used to modify bits in ptes
3061 static __inline void
3062 pmap_clearbit(vm_page_t m, int bit)
3064 struct pmap_inval_info info;
3069 if (!pmap_initialized || (m->flags & PG_FICTITIOUS))
3072 pmap_inval_init(&info);
3076 * Loop over all current mappings setting/clearing as appropos If
3077 * setting RO do we need to clear the VAC?
3079 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
3081 * don't write protect pager mappings
3084 if (!pmap_track_modified(pv->pv_va))
3088 #if defined(PMAP_DIAGNOSTIC)
3090 kprintf("Null pmap (cb) at va: 0x%x\n", pv->pv_va);
3096 * Careful here. We can use a locked bus instruction to
3097 * clear PG_A or PG_M safely but we need to synchronize
3098 * with the target cpus when we mess with PG_RW.
3100 * We do not have to force synchronization when clearing
3101 * PG_M even for PTEs generated via virtual memory maps,
3102 * because the virtual kernel will invalidate the pmap
3103 * entry when/if it needs to resynchronize the Modify bit.
3106 pmap_inval_add(&info, pv->pv_pmap, pv->pv_va);
3107 pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
3114 atomic_clear_int(pte, PG_M|PG_RW);
3117 * The cpu may be trying to set PG_M
3118 * simultaniously with our clearing
3121 if (!atomic_cmpset_int(pte, pbits,
3125 } else if (bit == PG_M) {
3127 * We could also clear PG_RW here to force
3128 * a fault on write to redetect PG_M for
3129 * virtual kernels, but it isn't necessary
3130 * since virtual kernels invalidate the pte
3131 * when they clear the VPTE_M bit in their
3132 * virtual page tables.
3134 atomic_clear_int(pte, PG_M);
3136 atomic_clear_int(pte, bit);
3140 pmap_inval_flush(&info);
3145 * pmap_page_protect:
3147 * Lower the permission for all mappings to a given page.
3150 pmap_page_protect(vm_page_t m, vm_prot_t prot)
3152 if ((prot & VM_PROT_WRITE) == 0) {
3153 if (prot & (VM_PROT_READ | VM_PROT_EXECUTE)) {
3154 pmap_clearbit(m, PG_RW);
3155 vm_page_flag_clear(m, PG_WRITEABLE);
3163 pmap_phys_address(vm_pindex_t ppn)
3165 return (amd64_ptob(ppn));
3169 * pmap_ts_referenced:
3171 * Return a count of reference bits for a page, clearing those bits.
3172 * It is not necessary for every reference bit to be cleared, but it
3173 * is necessary that 0 only be returned when there are truly no
3174 * reference bits set.
3176 * XXX: The exact number of bits to check and clear is a matter that
3177 * should be tested and standardized at some point in the future for
3178 * optimal aging of shared pages.
3181 pmap_ts_referenced(vm_page_t m)
3183 pv_entry_t pv, pvf, pvn;
3187 if (!pmap_initialized || (m->flags & PG_FICTITIOUS))
3192 if ((pv = TAILQ_FIRST(&m->md.pv_list)) != NULL) {
3197 pvn = TAILQ_NEXT(pv, pv_list);
3199 TAILQ_REMOVE(&m->md.pv_list, pv, pv_list);
3201 TAILQ_INSERT_TAIL(&m->md.pv_list, pv, pv_list);
3203 if (!pmap_track_modified(pv->pv_va))
3206 pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
3208 if (pte && (*pte & PG_A)) {
3210 atomic_clear_int(pte, PG_A);
3212 atomic_clear_int_nonlocked(pte, PG_A);
3219 } while ((pv = pvn) != NULL && pv != pvf);
3229 * Return whether or not the specified physical page was modified
3230 * in any physical maps.
3233 pmap_is_modified(vm_page_t m)
3235 return pmap_testbit(m, PG_M);
3239 * Clear the modify bits on the specified physical page.
3242 pmap_clear_modify(vm_page_t m)
3244 pmap_clearbit(m, PG_M);
3248 * pmap_clear_reference:
3250 * Clear the reference bit on the specified physical page.
3253 pmap_clear_reference(vm_page_t m)
3255 pmap_clearbit(m, PG_A);
3259 * Miscellaneous support routines follow
3263 i386_protection_init(void)
3267 kp = protection_codes;
3268 for (prot = 0; prot < 8; prot++) {
3270 case VM_PROT_NONE | VM_PROT_NONE | VM_PROT_NONE:
3272 * Read access is also 0. There isn't any execute bit,
3273 * so just make it readable.
3275 case VM_PROT_READ | VM_PROT_NONE | VM_PROT_NONE:
3276 case VM_PROT_READ | VM_PROT_NONE | VM_PROT_EXECUTE:
3277 case VM_PROT_NONE | VM_PROT_NONE | VM_PROT_EXECUTE:
3280 case VM_PROT_NONE | VM_PROT_WRITE | VM_PROT_NONE:
3281 case VM_PROT_NONE | VM_PROT_WRITE | VM_PROT_EXECUTE:
3282 case VM_PROT_READ | VM_PROT_WRITE | VM_PROT_NONE:
3283 case VM_PROT_READ | VM_PROT_WRITE | VM_PROT_EXECUTE:
3291 * Map a set of physical memory pages into the kernel virtual
3292 * address space. Return a pointer to where it is mapped. This
3293 * routine is intended to be used for mapping device memory,
3296 * NOTE: we can't use pgeflag unless we invalidate the pages one at
3300 pmap_mapdev(vm_paddr_t pa, vm_size_t size)
3302 vm_offset_t va, tmpva, offset;
3305 offset = pa & PAGE_MASK;
3306 size = roundup(offset + size, PAGE_SIZE);
3308 va = kmem_alloc_nofault(&kernel_map, size);
3310 panic("pmap_mapdev: Couldn't alloc kernel virtual memory");
3313 for (tmpva = va; size > 0;) {
3314 pte = vtopte(tmpva);
3315 *pte = pa | PG_RW | PG_V; /* | pgeflag; */
3323 return ((void *)(va + offset));
3327 pmap_unmapdev(vm_offset_t va, vm_size_t size)
3329 vm_offset_t base, offset;
3331 base = va & PG_FRAME;
3332 offset = va & PAGE_MASK;
3333 size = roundup(offset + size, PAGE_SIZE);
3334 pmap_qremove(va, size >> PAGE_SHIFT);
3335 kmem_free(&kernel_map, base, size);
3339 * perform the pmap work for mincore
3342 pmap_mincore(pmap_t pmap, vm_offset_t addr)
3344 pt_entry_t *ptep, pte;
3348 ptep = pmap_pte(pmap, addr);
3353 if ((pte = *ptep) != 0) {
3356 val = MINCORE_INCORE;
3357 if ((pte & PG_MANAGED) == 0)
3360 pa = pte & PG_FRAME;
3362 m = PHYS_TO_VM_PAGE(pa);
3368 val |= MINCORE_MODIFIED|MINCORE_MODIFIED_OTHER;
3370 * Modified by someone
3372 else if (m->dirty || pmap_is_modified(m))
3373 val |= MINCORE_MODIFIED_OTHER;
3378 val |= MINCORE_REFERENCED|MINCORE_REFERENCED_OTHER;
3381 * Referenced by someone
3383 else if ((m->flags & PG_REFERENCED) || pmap_ts_referenced(m)) {
3384 val |= MINCORE_REFERENCED_OTHER;
3385 vm_page_flag_set(m, PG_REFERENCED);
3392 * Replace p->p_vmspace with a new one. If adjrefs is non-zero the new
3393 * vmspace will be ref'd and the old one will be deref'd.
3395 * The vmspace for all lwps associated with the process will be adjusted
3396 * and cr3 will be reloaded if any lwp is the current lwp.
3399 pmap_replacevm(struct proc *p, struct vmspace *newvm, int adjrefs)
3401 struct vmspace *oldvm;
3405 oldvm = p->p_vmspace;
3406 if (oldvm != newvm) {
3407 p->p_vmspace = newvm;
3408 KKASSERT(p->p_nthreads == 1);
3409 lp = RB_ROOT(&p->p_lwp_tree);
3410 pmap_setlwpvm(lp, newvm);
3412 sysref_get(&newvm->vm_sysref);
3413 sysref_put(&oldvm->vm_sysref);
3420 * Set the vmspace for a LWP. The vmspace is almost universally set the
3421 * same as the process vmspace, but virtual kernels need to swap out contexts
3422 * on a per-lwp basis.
3425 pmap_setlwpvm(struct lwp *lp, struct vmspace *newvm)
3427 struct vmspace *oldvm;
3431 oldvm = lp->lwp_vmspace;
3433 if (oldvm != newvm) {
3434 lp->lwp_vmspace = newvm;
3435 if (curthread->td_lwp == lp) {
3436 pmap = vmspace_pmap(newvm);
3438 atomic_set_int(&pmap->pm_active, 1 << mycpu->gd_cpuid);
3440 pmap->pm_active |= 1;
3442 #if defined(SWTCH_OPTIM_STATS)
3445 curthread->td_pcb->pcb_cr3 = vtophys(pmap->pm_pdir);
3446 curthread->td_pcb->pcb_cr3 |= PG_RW | PG_U | PG_V;
3447 *link_pdpe = curthread->td_pcb->pcb_cr3 | PG_RW | PG_U | PG_V;
3448 load_cr3(common_lvl4_phys);
3449 pmap = vmspace_pmap(oldvm);
3451 atomic_clear_int(&pmap->pm_active,
3452 1 << mycpu->gd_cpuid);
3454 pmap->pm_active &= ~1;
3462 pmap_addr_hint(vm_object_t obj, vm_offset_t addr, vm_size_t size)
3465 if ((obj == NULL) || (size < NBPDR) || (obj->type != OBJT_DEVICE)) {
3469 addr = (addr + (NBPDR - 1)) & ~(NBPDR - 1);
3476 static void pads (pmap_t pm);
3477 void pmap_pvdump (vm_paddr_t pa);
3479 /* print address space of pmap*/
3487 if (pm == &kernel_pmap)
3490 for (i = 0; i < NPDEPG; i++) {
3491 if (pm->pm_pdir[i]) {
3492 for (j = 0; j < NPTEPG; j++) {
3493 va = (i << PDRSHIFT) + (j << PAGE_SHIFT);
3494 if (pm == &kernel_pmap && va < KERNBASE)
3496 if (pm != &kernel_pmap && va > UPT_MAX_ADDRESS)
3498 ptep = pmap_pte_quick(pm, va);
3499 if (pmap_pte_v(ptep))
3500 kprintf("%lx:%lx ", va, *ptep);
3509 pmap_pvdump(vm_paddr_t pa)
3514 kprintf("pa %08llx", (long long)pa);
3515 m = PHYS_TO_VM_PAGE(pa);
3516 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
3518 kprintf(" -> pmap %p, va %x, flags %x",
3519 (void *)pv->pv_pmap, pv->pv_va, pv->pv_flags);
3521 kprintf(" -> pmap %p, va %x", (void *)pv->pv_pmap, pv->pv_va);
nant's projects / dragonfly.git / blob