2 * Copyright (c) 2003-2011 The DragonFly Project. All rights reserved.
4 * This code is derived from software contributed to The DragonFly Project
5 * by Matthew Dillon <dillon@backplane.com>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
17 * 3. Neither the name of The DragonFly Project nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific, prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
27 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
29 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 * pmap invalidation support code. Certain hardware requirements must
37 * be dealt with when manipulating page table entries and page directory
38 * entries within a pmap. In particular, we cannot safely manipulate
39 * page tables which are in active use by another cpu (even if it is
40 * running in userland) for two reasons: First, TLB writebacks will
41 * race against our own modifications and tests. Second, even if we
42 * were to use bus-locked instruction we can still screw up the
43 * target cpu's instruction pipeline due to Intel cpu errata.
46 #include <sys/param.h>
47 #include <sys/systm.h>
48 #include <sys/kernel.h>
50 #include <sys/vmmeter.h>
51 #include <sys/thread2.h>
52 #include <sys/sysctl.h>
56 #include <vm/vm_object.h>
58 #include <machine/cputypes.h>
59 #include <machine/md_var.h>
60 #include <machine/specialreg.h>
61 #include <machine/smp.h>
62 #include <machine/globaldata.h>
63 #include <machine/pmap.h>
64 #include <machine/pmap_inval.h>
65 #include <machine/clock.h>
68 #define LOOPRECOVER /* enable watchdog */
72 * Watchdog recovery interval, in seconds.
74 * The watchdog value is generous for two reasons. First, because the
75 * situation is not supposed to happen at all (but does), and second,
76 * because VMs could be very slow at handling IPIs.
78 #define LOOPRECOVER_TIMEOUT1 2 /* initial recovery */
79 #define LOOPRECOVER_TIMEOUT2 1 /* repeated recoveries */
81 #define MAX_INVAL_PAGES 128
83 struct pmap_inval_info {
88 enum { INVDONE, INVSTORE, INVCMPSET } mode;
96 tsc_uclock_t tsc_target;
100 typedef struct pmap_inval_info pmap_inval_info_t;
102 static pmap_inval_info_t invinfo[MAXCPU];
103 extern cpumask_t smp_invmask;
106 extern cpumask_t smp_in_mask;
108 extern cpumask_t smp_smurf_mask;
110 static int pmap_inval_watchdog_print; /* must always default off */
111 static int pmap_inval_force_allcpus;
112 static int pmap_inval_force_nonopt;
114 SYSCTL_INT(_machdep, OID_AUTO, pmap_inval_watchdog_print, CTLFLAG_RW,
115 &pmap_inval_watchdog_print, 0, "");
116 SYSCTL_INT(_machdep, OID_AUTO, pmap_inval_force_allcpus, CTLFLAG_RW,
117 &pmap_inval_force_allcpus, 0, "");
118 SYSCTL_INT(_machdep, OID_AUTO, pmap_inval_force_nonopt, CTLFLAG_RW,
119 &pmap_inval_force_nonopt, 0, "");
122 pmap_inval_init(pmap_t pmap)
127 crit_enter_id("inval");
129 if (pmap != &kernel_pmap) {
131 olock = pmap->pm_active_lock;
133 nlock = olock | CPULOCK_EXCL;
134 if (olock != nlock &&
135 atomic_cmpset_int(&pmap->pm_active_lock,
142 atomic_add_acq_long(&pmap->pm_invgen, 1);
147 pmap_inval_done(pmap_t pmap)
149 if (pmap != &kernel_pmap) {
150 atomic_add_acq_long(&pmap->pm_invgen, 1);
151 atomic_clear_int(&pmap->pm_active_lock, CPULOCK_EXCL);
153 crit_exit_id("inval");
159 * Debugging and lost IPI recovery code.
164 loopwdog(struct pmap_inval_info *info)
169 if ((tsc_sclock_t)(info->tsc_target - tsc) < 0 && tsc_frequency) {
170 info->tsc_target = tsc + (tsc_frequency * LOOPRECOVER_TIMEOUT2);
178 loopdebug(const char *msg, pmap_inval_info_t *info)
181 int cpu = mycpu->gd_cpuid;
184 * Don't kprintf() anything if the pmap inval watchdog gets hit.
185 * DRM can cause an occassional watchdog hit (at least with a 1/16
186 * second watchdog), and attempting to kprintf to the KVM frame buffer
187 * from Xinvltlb, which ignores critical sections, can implode the
190 if (pmap_inval_watchdog_print == 0)
195 atomic_add_long(&smp_smurf_mask.ary[0], 0);
197 kprintf("ipilost-%s! %d mode=%d m=%08jx d=%08jx "
207 , msg, cpu, info->mode,
211 , info->sigmask.ary[0]
217 , smp_smurf_mask.ary[0]
221 for (p = 0; p < ncpus; ++p)
222 kprintf(" %d", CPU_prvspace[p]->mdglobaldata.gd_xinvaltlb);
230 #define CHECKSIGMASK(info) _checksigmask(info, __FILE__, __LINE__)
234 _checksigmask(pmap_inval_info_t *info, const char *file, int line)
239 CPUMASK_ANDMASK(tmp, info->sigmask);
240 if (CPUMASK_CMPMASKNEQ(tmp, info->mask)) {
241 kprintf("\"%s\" line %d: bad sig/mask %08jx %08jx\n",
242 file, line, info->sigmask.ary[0], info->mask.ary[0]);
248 #define CHECKSIGMASK(info)
253 * Invalidate the specified va across all cpus associated with the pmap.
254 * If va == (vm_offset_t)-1, we invltlb() instead of invlpg(). The operation
255 * will be done fully synchronously with storing npte into *ptep and returning
258 * If ptep is NULL the operation will execute semi-synchronously.
259 * ptep must be NULL if npgs > 1
262 pmap_inval_smp(pmap_t pmap, vm_offset_t va, vm_pindex_t npgs,
263 pt_entry_t *ptep, pt_entry_t npte)
265 globaldata_t gd = mycpu;
266 pmap_inval_info_t *info;
268 int cpu = gd->gd_cpuid;
270 unsigned long rflags;
273 * Initialize invalidation for pmap and enter critical section.
274 * This will enter a critical section for us.
280 * Shortcut single-cpu case if possible.
282 if (CPUMASK_CMPMASKEQ(pmap->pm_active, gd->gd_cpumask) &&
283 pmap_inval_force_nonopt == 0) {
285 * Convert to invltlb if there are too many pages to
288 if (pmap->pm_flags & PMAP_MULTI)
289 pmap_inval_init(pmap);
292 opte = atomic_swap_long(ptep, npte);
293 if (va == (vm_offset_t)-1)
296 cpu_invlpg((void *)va);
297 } else if (va == (vm_offset_t)-1 || npgs > MAX_INVAL_PAGES) {
300 opte = atomic_swap_long(ptep, npte);
309 opte = atomic_swap_long(ptep, npte);
312 cpu_invlpg((void *)va);
317 if (pmap->pm_flags & PMAP_MULTI)
318 pmap_inval_done(pmap);
324 * We need a critical section to prevent getting preempted while
325 * we setup our command. A preemption might execute its own
326 * pmap_inval*() command and create confusion below.
328 * tsc_target is our watchdog timeout that will attempt to recover
329 * from a lost IPI. Set to 1/16 second for now.
331 pmap_inval_init(pmap);
332 info = &invinfo[cpu];
335 * We must wait for other cpus which may still be finishing up a
336 * prior operation that we requested.
338 * We do not have to disable interrupts here. An Xinvltlb can occur
339 * at any time (even within a critical section), but it will not
340 * act on our command until we set our done bits.
342 while (CPUMASK_TESTNZERO(info->done)) {
344 if (loopwdog(info)) {
346 loopdebug("A", info);
347 /* XXX recover from possible bug */
348 CPUMASK_ASSZERO(info->done);
353 KKASSERT(info->mode == INVDONE);
357 * Must set our cpu in the invalidation scan mask before
358 * any possibility of [partial] execution (remember, XINVLTLB
359 * can interrupt a critical section).
361 ATOMIC_CPUMASK_ORBIT(smp_invmask, cpu);
363 info->tsc_target = rdtsc() + (tsc_frequency * LOOPRECOVER_TIMEOUT1);
372 info->mode = INVSTORE;
374 tmpmask = pmap->pm_active; /* volatile (bits may be cleared) */
375 if (pmap_inval_force_allcpus)
376 tmpmask = smp_active_mask;
378 CPUMASK_ANDMASK(tmpmask, smp_active_mask);
381 * If ptep is NULL the operation can be semi-synchronous, which means
382 * we can improve performance by flagging and removing idle cpus
383 * (see the idleinvlclr function in mp_machdep.c).
385 * Typically kernel page table operation is semi-synchronous.
388 smp_smurf_idleinvlclr(&tmpmask);
389 CPUMASK_ORBIT(tmpmask, cpu);
390 info->mask = tmpmask;
393 * Command may start executing the moment 'done' is initialized,
394 * disable current cpu interrupt to prevent 'done' field from
395 * changing (other cpus can't clear done bits until the originating
396 * cpu clears its mask bit, but other cpus CAN start clearing their
400 info->sigmask = tmpmask;
404 rflags = read_rflags();
407 ATOMIC_CPUMASK_COPY(info->done, tmpmask);
408 /* execution can begin here on other cpus due to races */
411 * Pass our copy of the done bits (so they don't change out from
412 * under us) to generate the Xinvltlb interrupt on the targets.
414 * smp_invlpg() issues the command, synchronizes with other cpus,
415 * and executes the command on our cpu. Upon return other cpus
416 * may still be in the process of exiting their synchroniization.
418 smp_invlpg(&tmpmask);
420 KKASSERT(info->mode == INVDONE);
423 * Target cpus will be in their loop exiting concurrently with our
424 * cleanup. They will not lose the bitmask they obtained before so
425 * we can safely clear this bit.
427 ATOMIC_CPUMASK_NANDBIT(smp_invmask, cpu);
428 write_rflags(rflags);
429 pmap_inval_done(pmap);
435 * API function - invalidate the pte at (va) and replace *ptep with npte
436 * atomically only if *ptep equals opte, across the pmap's active cpus.
438 * Returns 1 on success, 0 on failure (caller typically retries).
441 pmap_inval_smp_cmpset(pmap_t pmap, vm_offset_t va, pt_entry_t *ptep,
442 pt_entry_t opte, pt_entry_t npte)
444 globaldata_t gd = mycpu;
445 pmap_inval_info_t *info;
447 int cpu = gd->gd_cpuid;
449 unsigned long rflags;
452 * Initialize invalidation for pmap and enter critical section.
458 * Shortcut single-cpu case if possible.
460 if (CPUMASK_CMPMASKEQ(pmap->pm_active, gd->gd_cpumask) &&
461 pmap_inval_force_nonopt == 0) {
462 if (pmap->pm_flags & PMAP_MULTI)
463 pmap_inval_init(pmap);
464 if (atomic_cmpset_long(ptep, opte, npte)) {
465 if (va == (vm_offset_t)-1)
468 cpu_invlpg((void *)va);
469 if (pmap->pm_flags & PMAP_MULTI)
470 pmap_inval_done(pmap);
473 if (pmap->pm_flags & PMAP_MULTI)
474 pmap_inval_done(pmap);
480 * We need a critical section to prevent getting preempted while
481 * we setup our command. A preemption might execute its own
482 * pmap_inval*() command and create confusion below.
484 pmap_inval_init(pmap);
485 info = &invinfo[cpu];
488 * We must wait for other cpus which may still be finishing
489 * up a prior operation.
491 while (CPUMASK_TESTNZERO(info->done)) {
493 if (loopwdog(info)) {
495 loopdebug("B", info);
496 /* XXX recover from possible bug */
497 CPUMASK_ASSZERO(info->done);
502 KKASSERT(info->mode == INVDONE);
506 * Must set our cpu in the invalidation scan mask before
507 * any possibility of [partial] execution (remember, XINVLTLB
508 * can interrupt a critical section).
510 ATOMIC_CPUMASK_ORBIT(smp_invmask, cpu);
512 info->tsc_target = rdtsc() + (tsc_frequency * LOOPRECOVER_TIMEOUT1);
514 info->npgs = 1; /* unused */
521 info->mode = INVCMPSET;
524 tmpmask = pmap->pm_active; /* volatile */
525 if (pmap_inval_force_allcpus)
526 tmpmask = smp_active_mask;
528 CPUMASK_ANDMASK(tmpmask, smp_active_mask);
529 CPUMASK_ORBIT(tmpmask, cpu);
530 info->mask = tmpmask;
533 * Command may start executing the moment 'done' is initialized,
534 * disable current cpu interrupt to prevent 'done' field from
535 * changing (other cpus can't clear done bits until the originating
536 * cpu clears its mask bit).
539 info->sigmask = tmpmask;
543 rflags = read_rflags();
546 ATOMIC_CPUMASK_COPY(info->done, tmpmask);
549 * Pass our copy of the done bits (so they don't change out from
550 * under us) to generate the Xinvltlb interrupt on the targets.
552 smp_invlpg(&tmpmask);
553 success = info->success;
554 KKASSERT(info->mode == INVDONE);
556 ATOMIC_CPUMASK_NANDBIT(smp_invmask, cpu);
557 write_rflags(rflags);
558 pmap_inval_done(pmap);
564 pmap_inval_bulk_init(pmap_inval_bulk_t *bulk, struct pmap *pmap)
573 pmap_inval_bulk(pmap_inval_bulk_t *bulk, vm_offset_t va,
574 pt_entry_t *ptep, pt_entry_t npte)
579 * Degenerate case, localized or we don't care (e.g. because we
580 * are jacking the entire page table) or the pmap is not in-use
581 * by anyone. No invalidations are done on any cpu.
584 pte = atomic_swap_long(ptep, npte);
589 * If it isn't the kernel pmap we execute the operation synchronously
590 * on all cpus belonging to the pmap, which avoids concurrency bugs in
591 * the hw related to changing pte's out from under threads.
593 * Eventually I would like to implement streaming pmap invalidation
594 * for user pmaps to reduce mmap/munmap overheads for heavily-loaded
597 if (bulk->pmap != &kernel_pmap) {
598 pte = pmap_inval_smp(bulk->pmap, va, 1, ptep, npte);
603 * This is the kernel_pmap. All unmap operations presume that there
604 * are no other cpus accessing the addresses in question. Implement
605 * the bulking algorithm. collect the required information and
606 * synchronize once at the end.
608 pte = atomic_swap_long(ptep, npte);
609 if (va == (vm_offset_t)-1) {
611 } else if (bulk->va_beg == bulk->va_end) {
613 bulk->va_end = va + PAGE_SIZE;
614 } else if (va == bulk->va_end) {
615 bulk->va_end = va + PAGE_SIZE;
617 bulk->va_beg = (vm_offset_t)-1;
620 pmap_inval_bulk_flush(bulk);
622 if (va == (vm_offset_t)-1) {
627 bulk->va_end = va + PAGE_SIZE;
637 pmap_inval_bulk_flush(pmap_inval_bulk_t *bulk)
641 if (bulk->va_beg != bulk->va_end) {
642 if (bulk->va_beg == (vm_offset_t)-1) {
643 pmap_inval_smp(bulk->pmap, bulk->va_beg, 1, NULL, 0);
647 n = (bulk->va_end - bulk->va_beg) >> PAGE_SHIFT;
648 pmap_inval_smp(bulk->pmap, bulk->va_beg, n, NULL, 0);
657 * Called from Xinvl with a critical section held and interrupts enabled.
660 pmap_inval_intr(cpumask_t *cpumaskp, int toolong)
662 globaldata_t gd = mycpu;
663 pmap_inval_info_t *info;
669 * Check all cpus for invalidations we may need to service.
675 while (CPUMASK_TESTNZERO(cpumask)) {
676 int n = BSFCPUMASK(cpumask);
679 KKASSERT(n >= 0 && n < MAXCPU);
682 CPUMASK_NANDBIT(cpumask, n);
686 * Checkout cpu (cpu) for work in the target cpu info (n)
688 * if (n == cpu) - check our cpu for a master operation
689 * if (n != cpu) - check other cpus for a slave operation
691 * Due to interrupts/races we can catch a new operation
692 * in an older interrupt in other cpus.
694 * A fence is needed once we detect the (not) done bit.
696 if (!CPUMASK_TESTBIT(info->done, cpu))
701 kprintf("pminvl %d->%d %08jx %08jx mode=%d\n",
702 cpu, n, info->done.ary[0], info->mask.ary[0],
708 * info->mask and info->done always contain the originating
709 * cpu until the originator is done. Targets may still be
710 * present in info->done after the originator is done (they
711 * will be finishing up their loops).
713 * Clear info->mask bits on other cpus to indicate that they
714 * have quiesced (entered the loop). Once the other mask bits
715 * are clear we can execute the operation on the original,
716 * then clear the mask and done bits on the originator. The
717 * targets will then finish up their side and clear their
720 * The command is considered 100% done when all done bits have
725 * Command state machine for 'other' cpus.
727 if (CPUMASK_TESTBIT(info->mask, cpu)) {
729 * Other cpus indicate to originator that they
732 ATOMIC_CPUMASK_NANDBIT(info->mask, cpu);
734 } else if (info->ptep &&
735 CPUMASK_TESTBIT(info->mask, n)) {
737 * Other cpu must wait for the originator (n)
738 * to complete its command if ptep is not NULL.
743 * Other cpu detects that the originator has
744 * completed its command, or there was no
747 * Now that the page table entry has changed,
748 * we can follow up with our own invalidation.
750 vm_offset_t va = info->va;
753 if (va == (vm_offset_t)-1 ||
754 info->npgs > MAX_INVAL_PAGES) {
757 for (npgs = info->npgs; npgs; --npgs) {
758 cpu_invlpg((void *)va);
762 ATOMIC_CPUMASK_NANDBIT(info->done, cpu);
763 /* info invalid now */
764 /* loopme left alone */
766 } else if (CPUMASK_TESTBIT(info->mask, cpu)) {
768 * Originator is waiting for other cpus
770 if (CPUMASK_CMPMASKNEQ(info->mask, gd->gd_cpumask)) {
772 * Originator waits for other cpus to enter
773 * their loop (aka quiesce).
775 * If this bugs out the IPI may have been lost,
776 * try to reissue by resetting our own
777 * reentrancy bit and clearing the smurf mask
778 * for the cpus that did not respond, then
783 if (loopwdog(info)) {
785 loopdebug("C", info);
786 /* XXX recover from possible bug */
788 ATOMIC_CPUMASK_NANDMASK(smp_smurf_mask,
790 smp_invlpg(&smp_active_mask);
793 * Force outer-loop retest of Xinvltlb
794 * requests (see mp_machdep.c).
801 * Originator executes operation and clears
802 * mask to allow other cpus to finish.
804 KKASSERT(info->mode != INVDONE);
805 if (info->mode == INVSTORE) {
807 info->opte = atomic_swap_long(info->ptep, info->npte);
809 ATOMIC_CPUMASK_NANDBIT(info->mask, cpu);
812 if (atomic_cmpset_long(info->ptep,
813 info->opte, info->npte)) {
819 ATOMIC_CPUMASK_NANDBIT(info->mask, cpu);
826 * Originator does not have to wait for the other
827 * cpus to finish. It clears its done bit. A new
828 * command will not be initiated by the originator
829 * until the other cpus have cleared their done bits
832 vm_offset_t va = info->va;
835 if (va == (vm_offset_t)-1 ||
836 info->npgs > MAX_INVAL_PAGES) {
839 for (npgs = info->npgs; npgs; --npgs) {
840 cpu_invlpg((void *)va);
845 /* leave loopme alone */
846 /* other cpus may still be finishing up */
847 /* can't race originator since that's us */
848 info->mode = INVDONE;
849 ATOMIC_CPUMASK_NANDBIT(info->done, cpu);
projects / dragonfly.git / blob