2 * Copyright (c) 1991 Regents of the University of California.
4 * Copyright (c) 1994 John S. Dyson
6 * Copyright (c) 1994 David Greenman
9 * This code is derived from software contributed to Berkeley by
10 * the Systems Programming Group of the University of Utah Computer
11 * Science Department and William Jolitz of UUNET Technologies Inc.
13 * Redistribution and use in source and binary forms, with or without
14 * modification, are permitted provided that the following conditions
16 * 1. Redistributions of source code must retain the above copyright
17 * notice, this list of conditions and the following disclaimer.
18 * 2. Redistributions in binary form must reproduce the above copyright
19 * notice, this list of conditions and the following disclaimer in the
20 * documentation and/or other materials provided with the distribution.
21 * 3. All advertising materials mentioning features or use of this software
22 * must display the following acknowledgement:
23 * This product includes software developed by the University of
24 * California, Berkeley and its contributors.
25 * 4. Neither the name of the University nor the names of its contributors
26 * may be used to endorse or promote products derived from this software
27 * without specific prior written permission.
29 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
30 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
31 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
32 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
33 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
34 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
35 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
36 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
37 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
38 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
41 * from: @(#)pmap.c 7.7 (Berkeley) 5/12/91
42 * $FreeBSD: src/sys/i386/i386/pmap.c,v 1.250.2.18 2002/03/06 22:48:53 silby Exp $
43 * $DragonFly: src/sys/platform/pc32/i386/pmap.c,v 1.71 2007/01/12 22:12:51 dillon Exp $
47 * Manages physical address maps.
49 * In addition to hardware address maps, this
50 * module is called upon to provide software-use-only
51 * maps which may or may not be stored in the same
52 * form as hardware maps. These pseudo-maps are
53 * used to store intermediate results from copy
54 * operations to and from address spaces.
56 * Since the information managed by this module is
57 * also stored by the logical address mapping module,
58 * this module may throw away valid virtual-to-physical
59 * mappings at almost any time. However, invalidations
60 * of virtual-to-physical mappings must be done as
63 * In order to cope with hardware architectures which
64 * make virtual-to-physical map invalidates expensive,
65 * this module may delay invalidate or reduced protection
66 * operations until such time as they are actually
67 * necessary. This module is given full information as
68 * to which processors are currently using which maps,
69 * and to when physical maps must be made correct.
72 #include "opt_disable_pse.h"
74 #include "opt_msgbuf.h"
76 #include <sys/param.h>
77 #include <sys/systm.h>
78 #include <sys/kernel.h>
80 #include <sys/msgbuf.h>
81 #include <sys/vmmeter.h>
85 #include <vm/vm_param.h>
86 #include <sys/sysctl.h>
88 #include <vm/vm_kern.h>
89 #include <vm/vm_page.h>
90 #include <vm/vm_map.h>
91 #include <vm/vm_object.h>
92 #include <vm/vm_extern.h>
93 #include <vm/vm_pageout.h>
94 #include <vm/vm_pager.h>
95 #include <vm/vm_zone.h>
98 #include <sys/thread2.h>
100 #include <machine/cputypes.h>
101 #include <machine/md_var.h>
102 #include <machine/specialreg.h>
103 #include <machine/smp.h>
104 #include <machine_base/apic/apicreg.h>
105 #include <machine/globaldata.h>
106 #include <machine/pmap.h>
107 #include <machine/pmap_inval.h>
111 #define PMAP_KEEP_PDIRS
112 #ifndef PMAP_SHPGPERPROC
113 #define PMAP_SHPGPERPROC 200
116 #if defined(DIAGNOSTIC)
117 #define PMAP_DIAGNOSTIC
122 #if !defined(PMAP_DIAGNOSTIC)
123 #define PMAP_INLINE __inline
129 * Get PDEs and PTEs for user/kernel address space
131 #define pmap_pde(m, v) (&((m)->pm_pdir[(vm_offset_t)(v) >> PDRSHIFT]))
132 #define pdir_pde(m, v) (m[(vm_offset_t)(v) >> PDRSHIFT])
134 #define pmap_pde_v(pte) ((*(int *)pte & PG_V) != 0)
135 #define pmap_pte_w(pte) ((*(int *)pte & PG_W) != 0)
136 #define pmap_pte_m(pte) ((*(int *)pte & PG_M) != 0)
137 #define pmap_pte_u(pte) ((*(int *)pte & PG_A) != 0)
138 #define pmap_pte_v(pte) ((*(int *)pte & PG_V) != 0)
142 * Given a map and a machine independent protection code,
143 * convert to a vax protection code.
145 #define pte_prot(m, p) \
146 (protection_codes[p & (VM_PROT_READ|VM_PROT_WRITE|VM_PROT_EXECUTE)])
147 static int protection_codes[8];
149 struct pmap kernel_pmap;
150 static TAILQ_HEAD(,pmap) pmap_list = TAILQ_HEAD_INITIALIZER(pmap_list);
152 vm_paddr_t avail_start; /* PA of first available physical page */
153 vm_paddr_t avail_end; /* PA of last available physical page */
154 vm_offset_t virtual_start; /* VA of first avail page (after kernel bss) */
155 vm_offset_t virtual_end; /* VA of last avail page (end of kernel AS) */
156 vm_offset_t KvaStart; /* VA start of KVA space */
157 vm_offset_t KvaEnd; /* VA end of KVA space (non-inclusive) */
158 vm_offset_t KvaSize; /* max size of kernel virtual address space */
159 static boolean_t pmap_initialized = FALSE; /* Has pmap_init completed? */
160 static int pgeflag; /* PG_G or-in */
161 static int pseflag; /* PG_PS or-in */
163 static vm_object_t kptobj;
166 vm_offset_t kernel_vm_end;
169 * Data for the pv entry allocation mechanism
171 static vm_zone_t pvzone;
172 static struct vm_zone pvzone_store;
173 static struct vm_object pvzone_obj;
174 static int pv_entry_count=0, pv_entry_max=0, pv_entry_high_water=0;
175 static int pmap_pagedaemon_waken = 0;
176 static struct pv_entry *pvinit;
179 * All those kernel PT submaps that BSD is so fond of
181 pt_entry_t *CMAP1 = 0, *ptmmap;
182 caddr_t CADDR1 = 0, ptvmmap = 0;
183 static pt_entry_t *msgbufmap;
184 struct msgbuf *msgbufp=0;
189 static pt_entry_t *pt_crashdumpmap;
190 static caddr_t crashdumpmap;
192 extern pt_entry_t *SMPpt;
194 static PMAP_INLINE void free_pv_entry (pv_entry_t pv);
195 static unsigned * get_ptbase (pmap_t pmap);
196 static pv_entry_t get_pv_entry (void);
197 static void i386_protection_init (void);
198 static __inline void pmap_clearbit (vm_page_t m, int bit);
200 static void pmap_remove_all (vm_page_t m);
201 static vm_page_t pmap_enter_quick (pmap_t pmap, vm_offset_t va,
202 vm_page_t m, vm_page_t mpte);
203 static int pmap_remove_pte (struct pmap *pmap, unsigned *ptq,
204 vm_offset_t sva, pmap_inval_info_t info);
205 static void pmap_remove_page (struct pmap *pmap,
206 vm_offset_t va, pmap_inval_info_t info);
207 static int pmap_remove_entry (struct pmap *pmap, vm_page_t m,
208 vm_offset_t va, pmap_inval_info_t info);
209 static boolean_t pmap_testbit (vm_page_t m, int bit);
210 static void pmap_insert_entry (pmap_t pmap, vm_offset_t va,
211 vm_page_t mpte, vm_page_t m);
213 static vm_page_t pmap_allocpte (pmap_t pmap, vm_offset_t va);
215 static int pmap_release_free_page (pmap_t pmap, vm_page_t p);
216 static vm_page_t _pmap_allocpte (pmap_t pmap, unsigned ptepindex);
217 static unsigned * pmap_pte_quick (pmap_t pmap, vm_offset_t va);
218 static vm_page_t pmap_page_lookup (vm_object_t object, vm_pindex_t pindex);
219 static int pmap_unuse_pt (pmap_t, vm_offset_t, vm_page_t, pmap_inval_info_t);
220 static vm_offset_t pmap_kmem_choose(vm_offset_t addr);
222 static unsigned pdir4mb;
225 * Move the kernel virtual free pointer to the next
226 * 4MB. This is used to help improve performance
227 * by using a large (4MB) page for much of the kernel
228 * (.text, .data, .bss)
231 pmap_kmem_choose(vm_offset_t addr)
233 vm_offset_t newaddr = addr;
235 if (cpu_feature & CPUID_PSE) {
236 newaddr = (addr + (NBPDR - 1)) & ~(NBPDR - 1);
245 * Extract the page table entry associated with the given map/virtual
248 * This function may NOT be called from an interrupt.
250 PMAP_INLINE unsigned *
251 pmap_pte(pmap_t pmap, vm_offset_t va)
256 pdeaddr = (unsigned *) pmap_pde(pmap, va);
257 if (*pdeaddr & PG_PS)
260 return get_ptbase(pmap) + i386_btop(va);
269 * Super fast pmap_pte routine best used when scanning the pv lists.
270 * This eliminates many course-grained invltlb calls. Note that many of
271 * the pv list scans are across different pmaps and it is very wasteful
272 * to do an entire invltlb when checking a single mapping.
274 * Should only be called while in a critical section.
277 pmap_pte_quick(pmap_t pmap, vm_offset_t va)
279 struct mdglobaldata *gd = mdcpu;
282 if ((pde = (unsigned) pmap->pm_pdir[va >> PDRSHIFT]) != 0) {
283 unsigned frame = (unsigned) pmap->pm_pdir[PTDPTDI] & PG_FRAME;
284 unsigned index = i386_btop(va);
285 /* are we current address space or kernel? */
286 if ((pmap == &kernel_pmap) ||
287 (frame == (((unsigned) PTDpde) & PG_FRAME))) {
288 return (unsigned *) PTmap + index;
290 newpf = pde & PG_FRAME;
291 if ( ((* (unsigned *) gd->gd_PMAP1) & PG_FRAME) != newpf) {
292 * (unsigned *) gd->gd_PMAP1 = newpf | PG_RW | PG_V;
293 cpu_invlpg(gd->gd_PADDR1);
295 return gd->gd_PADDR1 + ((unsigned) index & (NPTEPG - 1));
302 * Bootstrap the system enough to run with virtual memory.
304 * On the i386 this is called after mapping has already been enabled
305 * and just syncs the pmap module with what has already been done.
306 * [We can't call it easily with mapping off since the kernel is not
307 * mapped with PA == VA, hence we would have to relocate every address
308 * from the linked base (virtual) address "KERNBASE" to the actual
309 * (physical) address starting relative to 0]
312 pmap_bootstrap(vm_paddr_t firstaddr, vm_paddr_t loadaddr)
316 struct mdglobaldata *gd;
320 KvaStart = (vm_offset_t)VADDR(PTDPTDI, 0);
321 KvaSize = (vm_offset_t)VADDR(APTDPTDI, 0) - KvaStart;
322 KvaEnd = KvaStart + KvaSize;
324 avail_start = firstaddr;
327 * XXX The calculation of virtual_start is wrong. It's NKPT*PAGE_SIZE
328 * too large. It should instead be correctly calculated in locore.s and
329 * not based on 'first' (which is a physical address, not a virtual
330 * address, for the start of unused physical memory). The kernel
331 * page tables are NOT double mapped and thus should not be included
332 * in this calculation.
334 virtual_start = (vm_offset_t) KERNBASE + firstaddr;
335 virtual_start = pmap_kmem_choose(virtual_start);
336 virtual_end = VADDR(KPTDI+NKPDE-1, NPTEPG-1);
339 * Initialize protection array.
341 i386_protection_init();
344 * The kernel's pmap is statically allocated so we don't have to use
345 * pmap_create, which is unlikely to work correctly at this part of
346 * the boot sequence (XXX and which no longer exists).
348 kernel_pmap.pm_pdir = (pd_entry_t *)(KERNBASE + (u_int)IdlePTD);
349 kernel_pmap.pm_count = 1;
350 kernel_pmap.pm_active = (cpumask_t)-1; /* don't allow deactivation */
351 TAILQ_INIT(&kernel_pmap.pm_pvlist);
355 * Reserve some special page table entries/VA space for temporary
358 #define SYSMAP(c, p, v, n) \
359 v = (c)va; va += ((n)*PAGE_SIZE); p = pte; pte += (n);
362 pte = (pt_entry_t *) pmap_pte(&kernel_pmap, va);
365 * CMAP1/CMAP2 are used for zeroing and copying pages.
367 SYSMAP(caddr_t, CMAP1, CADDR1, 1)
372 SYSMAP(caddr_t, pt_crashdumpmap, crashdumpmap, MAXDUMPPGS);
375 * ptvmmap is used for reading arbitrary physical pages via
378 SYSMAP(caddr_t, ptmmap, ptvmmap, 1)
381 * msgbufp is used to map the system message buffer.
382 * XXX msgbufmap is not used.
384 SYSMAP(struct msgbuf *, msgbufmap, msgbufp,
385 atop(round_page(MSGBUF_SIZE)))
390 for (i = 0; i < NKPT; i++)
394 * PG_G is terribly broken on SMP because we IPI invltlb's in some
395 * cases rather then invl1pg. Actually, I don't even know why it
396 * works under UP because self-referential page table mappings
401 if (cpu_feature & CPUID_PGE)
406 * Initialize the 4MB page size flag
410 * The 4MB page version of the initial
411 * kernel page mapping.
415 #if !defined(DISABLE_PSE)
416 if (cpu_feature & CPUID_PSE) {
419 * Note that we have enabled PSE mode
422 ptditmp = *((unsigned *)PTmap + i386_btop(KERNBASE));
423 ptditmp &= ~(NBPDR - 1);
424 ptditmp |= PG_V | PG_RW | PG_PS | PG_U | pgeflag;
429 * Enable the PSE mode. If we are SMP we can't do this
430 * now because the APs will not be able to use it when
433 load_cr4(rcr4() | CR4_PSE);
436 * We can do the mapping here for the single processor
437 * case. We simply ignore the old page table page from
441 * For SMP, we still need 4K pages to bootstrap APs,
442 * PSE will be enabled as soon as all APs are up.
444 PTD[KPTDI] = (pd_entry_t)ptditmp;
445 kernel_pmap.pm_pdir[KPTDI] = (pd_entry_t)ptditmp;
451 if (cpu_apic_address == 0)
452 panic("pmap_bootstrap: no local apic!");
454 /* local apic is mapped on last page */
455 SMPpt[NPTEPG - 1] = (pt_entry_t)(PG_V | PG_RW | PG_N | pgeflag |
456 (cpu_apic_address & PG_FRAME));
460 * We need to finish setting up the globaldata page for the BSP.
461 * locore has already populated the page table for the mdglobaldata
464 pg = MDGLOBALDATA_BASEALLOC_PAGES;
465 gd = &CPU_prvspace[0].mdglobaldata;
466 gd->gd_CMAP1 = &SMPpt[pg + 0];
467 gd->gd_CMAP2 = &SMPpt[pg + 1];
468 gd->gd_CMAP3 = &SMPpt[pg + 2];
469 gd->gd_PMAP1 = &SMPpt[pg + 3];
470 gd->gd_CADDR1 = CPU_prvspace[0].CPAGE1;
471 gd->gd_CADDR2 = CPU_prvspace[0].CPAGE2;
472 gd->gd_CADDR3 = CPU_prvspace[0].CPAGE3;
473 gd->gd_PADDR1 = (unsigned *)CPU_prvspace[0].PPAGE1;
480 * Set 4mb pdir for mp startup
485 if (pseflag && (cpu_feature & CPUID_PSE)) {
486 load_cr4(rcr4() | CR4_PSE);
487 if (pdir4mb && mycpu->gd_cpuid == 0) { /* only on BSP */
488 kernel_pmap.pm_pdir[KPTDI] =
489 PTD[KPTDI] = (pd_entry_t)pdir4mb;
497 * Initialize the pmap module.
498 * Called by vm_init, to initialize any structures that the pmap
499 * system needs to map virtual memory.
500 * pmap_init has been enhanced to support in a fairly consistant
501 * way, discontiguous physical memory.
510 * object for kernel page table pages
512 kptobj = vm_object_allocate(OBJT_DEFAULT, NKPDE);
515 * Allocate memory for random pmap data structures. Includes the
519 for(i = 0; i < vm_page_array_size; i++) {
522 m = &vm_page_array[i];
523 TAILQ_INIT(&m->md.pv_list);
524 m->md.pv_list_count = 0;
528 * init the pv free list
530 initial_pvs = vm_page_array_size;
531 if (initial_pvs < MINPV)
533 pvzone = &pvzone_store;
534 pvinit = (struct pv_entry *) kmem_alloc(&kernel_map,
535 initial_pvs * sizeof (struct pv_entry));
536 zbootinit(pvzone, "PV ENTRY", sizeof (struct pv_entry), pvinit,
540 * Now it is safe to enable pv_table recording.
542 pmap_initialized = TRUE;
546 * Initialize the address space (zone) for the pv_entries. Set a
547 * high water mark so that the system can recover from excessive
548 * numbers of pv entries.
553 int shpgperproc = PMAP_SHPGPERPROC;
555 TUNABLE_INT_FETCH("vm.pmap.shpgperproc", &shpgperproc);
556 pv_entry_max = shpgperproc * maxproc + vm_page_array_size;
557 TUNABLE_INT_FETCH("vm.pmap.pv_entries", &pv_entry_max);
558 pv_entry_high_water = 9 * (pv_entry_max / 10);
559 zinitna(pvzone, &pvzone_obj, NULL, 0, pv_entry_max, ZONE_INTERRUPT, 1);
563 /***************************************************
564 * Low level helper routines.....
565 ***************************************************/
567 #if defined(PMAP_DIAGNOSTIC)
570 * This code checks for non-writeable/modified pages.
571 * This should be an invalid condition.
574 pmap_nw_modified(pt_entry_t ptea)
580 if ((pte & (PG_M|PG_RW)) == PG_M)
589 * this routine defines the region(s) of memory that should
590 * not be tested for the modified bit.
592 static PMAP_INLINE int
593 pmap_track_modified(vm_offset_t va)
595 if ((va < clean_sva) || (va >= clean_eva))
602 get_ptbase(pmap_t pmap)
604 unsigned frame = (unsigned) pmap->pm_pdir[PTDPTDI] & PG_FRAME;
605 struct globaldata *gd = mycpu;
607 /* are we current address space or kernel? */
608 if (pmap == &kernel_pmap || frame == (((unsigned) PTDpde) & PG_FRAME)) {
609 return (unsigned *) PTmap;
612 /* otherwise, we are alternate address space */
613 KKASSERT(gd->gd_intr_nesting_level == 0 && (gd->gd_curthread->td_flags & TDF_INTTHREAD) == 0);
615 if (frame != (((unsigned) APTDpde) & PG_FRAME)) {
616 APTDpde = (pd_entry_t)(frame | PG_RW | PG_V);
617 /* The page directory is not shared between CPUs */
620 return (unsigned *) APTmap;
626 * Extract the physical page address associated with the map/VA pair.
628 * This function may not be called from an interrupt if the pmap is
632 pmap_extract(pmap_t pmap, vm_offset_t va)
635 vm_offset_t pdirindex;
637 pdirindex = va >> PDRSHIFT;
638 if (pmap && (rtval = (unsigned) pmap->pm_pdir[pdirindex])) {
640 if ((rtval & PG_PS) != 0) {
641 rtval &= ~(NBPDR - 1);
642 rtval |= va & (NBPDR - 1);
645 pte = get_ptbase(pmap) + i386_btop(va);
646 rtval = ((*pte & PG_FRAME) | (va & PAGE_MASK));
652 /***************************************************
653 * Low level mapping routines.....
654 ***************************************************/
657 * Routine: pmap_kenter
659 * Add a wired page to the KVA
660 * NOTE! note that in order for the mapping to take effect -- you
661 * should do an invltlb after doing the pmap_kenter().
664 pmap_kenter(vm_offset_t va, vm_paddr_t pa)
668 pmap_inval_info info;
670 pmap_inval_init(&info);
671 pmap_inval_add(&info, &kernel_pmap, va);
672 npte = pa | PG_RW | PG_V | pgeflag;
673 pte = (unsigned *)vtopte(va);
675 pmap_inval_flush(&info);
679 * Routine: pmap_kenter_quick
681 * Similar to pmap_kenter(), except we only invalidate the
682 * mapping on the current CPU.
685 pmap_kenter_quick(vm_offset_t va, vm_paddr_t pa)
690 npte = pa | PG_RW | PG_V | pgeflag;
691 pte = (unsigned *)vtopte(va);
693 cpu_invlpg((void *)va);
697 pmap_kenter_sync(vm_offset_t va)
699 pmap_inval_info info;
701 pmap_inval_init(&info);
702 pmap_inval_add(&info, &kernel_pmap, va);
703 pmap_inval_flush(&info);
707 pmap_kenter_sync_quick(vm_offset_t va)
709 cpu_invlpg((void *)va);
713 * remove a page from the kernel pagetables
716 pmap_kremove(vm_offset_t va)
719 pmap_inval_info info;
721 pmap_inval_init(&info);
722 pmap_inval_add(&info, &kernel_pmap, va);
723 pte = (unsigned *)vtopte(va);
725 pmap_inval_flush(&info);
729 pmap_kremove_quick(vm_offset_t va)
732 pte = (unsigned *)vtopte(va);
734 cpu_invlpg((void *)va);
738 * XXX these need to be recoded. They are not used in any critical path.
741 pmap_kmodify_rw(vm_offset_t va)
743 *vtopte(va) |= PG_RW;
744 cpu_invlpg((void *)va);
748 pmap_kmodify_nc(vm_offset_t va)
751 cpu_invlpg((void *)va);
755 * Used to map a range of physical addresses into kernel
756 * virtual address space.
758 * For now, VM is already on, we only need to map the
762 pmap_map(vm_offset_t virt, vm_paddr_t start, vm_paddr_t end, int prot)
764 while (start < end) {
765 pmap_kenter(virt, start);
774 * Add a list of wired pages to the kva
775 * this routine is only used for temporary
776 * kernel mappings that do not need to have
777 * page modification or references recorded.
778 * Note that old mappings are simply written
779 * over. The page *must* be wired.
782 pmap_qenter(vm_offset_t va, vm_page_t *m, int count)
786 end_va = va + count * PAGE_SIZE;
788 while (va < end_va) {
791 pte = (unsigned *)vtopte(va);
792 *pte = VM_PAGE_TO_PHYS(*m) | PG_RW | PG_V | pgeflag;
793 cpu_invlpg((void *)va);
798 smp_invltlb(); /* XXX */
803 pmap_qenter2(vm_offset_t va, vm_page_t *m, int count, cpumask_t *mask)
806 cpumask_t cmask = mycpu->gd_cpumask;
808 end_va = va + count * PAGE_SIZE;
810 while (va < end_va) {
815 * Install the new PTE. If the pte changed from the prior
816 * mapping we must reset the cpu mask and invalidate the page.
817 * If the pte is the same but we have not seen it on the
818 * current cpu, invlpg the existing mapping. Otherwise the
819 * entry is optimal and no invalidation is required.
821 pte = (unsigned *)vtopte(va);
822 pteval = VM_PAGE_TO_PHYS(*m) | PG_A | PG_RW | PG_V | pgeflag;
823 if (*pte != pteval) {
826 cpu_invlpg((void *)va);
827 } else if ((*mask & cmask) == 0) {
828 cpu_invlpg((void *)va);
837 * this routine jerks page mappings from the
838 * kernel -- it is meant only for temporary mappings.
841 pmap_qremove(vm_offset_t va, int count)
845 end_va = va + count*PAGE_SIZE;
847 while (va < end_va) {
850 pte = (unsigned *)vtopte(va);
852 cpu_invlpg((void *)va);
861 * This routine works like vm_page_lookup() but also blocks as long as the
862 * page is busy. This routine does not busy the page it returns.
864 * Unless the caller is managing objects whos pages are in a known state,
865 * the call should be made with a critical section held so the page's object
866 * association remains valid on return.
869 pmap_page_lookup(vm_object_t object, vm_pindex_t pindex)
874 m = vm_page_lookup(object, pindex);
875 if (m && vm_page_sleep_busy(m, FALSE, "pplookp"))
881 * Create a new thread and optionally associate it with a (new) process.
882 * NOTE! the new thread's cpu may not equal the current cpu.
885 pmap_init_thread(thread_t td)
887 /* enforce pcb placement */
888 td->td_pcb = (struct pcb *)(td->td_kstack + td->td_kstack_size) - 1;
889 td->td_savefpu = &td->td_pcb->pcb_save;
890 td->td_sp = (char *)td->td_pcb - 16;
894 * Create the UPAGES for a new process.
895 * This routine directly affects the fork perf for a process.
898 pmap_init_proc(struct proc *p, struct thread *td)
900 p->p_addr = (void *)td->td_kstack;
903 td->td_lwp = &p->p_lwp;
904 td->td_switch = cpu_heavy_switch;
906 KKASSERT(td->td_mpcount == 1);
908 bzero(p->p_addr, sizeof(*p->p_addr));
912 * Dispose the UPAGES for a process that has exited.
913 * This routine directly impacts the exit perf of a process.
916 pmap_dispose_proc(struct proc *p)
920 KASSERT(p->p_lock == 0, ("attempt to dispose referenced proc! %p", p));
922 if ((td = p->p_thread) != NULL) {
930 /***************************************************
931 * Page table page management routines.....
932 ***************************************************/
935 * This routine unholds page table pages, and if the hold count
936 * drops to zero, then it decrements the wire count.
939 _pmap_unwire_pte_hold(pmap_t pmap, vm_page_t m, pmap_inval_info_t info)
941 pmap_inval_flush(info);
942 while (vm_page_sleep_busy(m, FALSE, "pmuwpt"))
945 if (m->hold_count == 0) {
947 * unmap the page table page
949 pmap_inval_add(info, pmap, -1);
950 pmap->pm_pdir[m->pindex] = 0;
951 --pmap->pm_stats.resident_count;
953 if (pmap->pm_ptphint == m)
954 pmap->pm_ptphint = NULL;
957 * If the page is finally unwired, simply free it.
960 if (m->wire_count == 0) {
963 vm_page_free_zero(m);
964 --vmstats.v_wire_count;
971 static PMAP_INLINE int
972 pmap_unwire_pte_hold(pmap_t pmap, vm_page_t m, pmap_inval_info_t info)
975 if (m->hold_count == 0)
976 return _pmap_unwire_pte_hold(pmap, m, info);
982 * After removing a page table entry, this routine is used to
983 * conditionally free the page, and manage the hold/wire counts.
986 pmap_unuse_pt(pmap_t pmap, vm_offset_t va, vm_page_t mpte,
987 pmap_inval_info_t info)
990 if (va >= UPT_MIN_ADDRESS)
994 ptepindex = (va >> PDRSHIFT);
995 if (pmap->pm_ptphint &&
996 (pmap->pm_ptphint->pindex == ptepindex)) {
997 mpte = pmap->pm_ptphint;
999 pmap_inval_flush(info);
1000 mpte = pmap_page_lookup( pmap->pm_pteobj, ptepindex);
1001 pmap->pm_ptphint = mpte;
1005 return pmap_unwire_pte_hold(pmap, mpte, info);
1009 * Initialize pmap0/vmspace0. This pmap is not added to pmap_list because
1010 * it, and IdlePTD, represents the template used to update all other pmaps.
1012 * On architectures where the kernel pmap is not integrated into the user
1013 * process pmap, this pmap represents the process pmap, not the kernel pmap.
1014 * kernel_pmap should be used to directly access the kernel_pmap.
1017 pmap_pinit0(struct pmap *pmap)
1020 (pd_entry_t *)kmem_alloc_pageable(&kernel_map, PAGE_SIZE);
1021 pmap_kenter((vm_offset_t)pmap->pm_pdir, (vm_offset_t) IdlePTD);
1023 pmap->pm_active = 0;
1024 pmap->pm_ptphint = NULL;
1025 TAILQ_INIT(&pmap->pm_pvlist);
1026 bzero(&pmap->pm_stats, sizeof pmap->pm_stats);
1030 * Initialize a preallocated and zeroed pmap structure,
1031 * such as one in a vmspace structure.
1034 pmap_pinit(struct pmap *pmap)
1039 * No need to allocate page table space yet but we do need a valid
1040 * page directory table.
1042 if (pmap->pm_pdir == NULL) {
1044 (pd_entry_t *)kmem_alloc_pageable(&kernel_map, PAGE_SIZE);
1048 * allocate object for the ptes
1050 if (pmap->pm_pteobj == NULL)
1051 pmap->pm_pteobj = vm_object_allocate( OBJT_DEFAULT, PTDPTDI + 1);
1054 * allocate the page directory page
1056 ptdpg = vm_page_grab( pmap->pm_pteobj, PTDPTDI,
1057 VM_ALLOC_NORMAL | VM_ALLOC_RETRY);
1059 ptdpg->wire_count = 1;
1060 ++vmstats.v_wire_count;
1063 vm_page_flag_clear(ptdpg, PG_MAPPED | PG_BUSY); /* not usually mapped*/
1064 ptdpg->valid = VM_PAGE_BITS_ALL;
1066 pmap_kenter((vm_offset_t)pmap->pm_pdir, VM_PAGE_TO_PHYS(ptdpg));
1067 if ((ptdpg->flags & PG_ZERO) == 0)
1068 bzero(pmap->pm_pdir, PAGE_SIZE);
1070 pmap->pm_pdir[MPPTDI] = PTD[MPPTDI];
1072 /* install self-referential address mapping entry */
1073 *(unsigned *) (pmap->pm_pdir + PTDPTDI) =
1074 VM_PAGE_TO_PHYS(ptdpg) | PG_V | PG_RW | PG_A | PG_M;
1077 pmap->pm_active = 0;
1078 pmap->pm_ptphint = NULL;
1079 TAILQ_INIT(&pmap->pm_pvlist);
1080 bzero(&pmap->pm_stats, sizeof pmap->pm_stats);
1084 * Wire in kernel global address entries. To avoid a race condition
1085 * between pmap initialization and pmap_growkernel, this procedure
1086 * adds the pmap to the master list (which growkernel scans to update),
1087 * then copies the template.
1090 pmap_pinit2(struct pmap *pmap)
1093 TAILQ_INSERT_TAIL(&pmap_list, pmap, pm_pmnode);
1094 /* XXX copies current process, does not fill in MPPTDI */
1095 bcopy(PTD + KPTDI, pmap->pm_pdir + KPTDI, nkpt * PTESIZE);
1100 * Attempt to release and free and vm_page in a pmap. Returns 1 on success,
1101 * 0 on failure (if the procedure had to sleep).
1104 pmap_release_free_page(struct pmap *pmap, vm_page_t p)
1106 unsigned *pde = (unsigned *) pmap->pm_pdir;
1108 * This code optimizes the case of freeing non-busy
1109 * page-table pages. Those pages are zero now, and
1110 * might as well be placed directly into the zero queue.
1112 if (vm_page_sleep_busy(p, FALSE, "pmaprl"))
1118 * Remove the page table page from the processes address space.
1121 pmap->pm_stats.resident_count--;
1123 if (p->hold_count) {
1124 panic("pmap_release: freeing held page table page");
1127 * Page directory pages need to have the kernel
1128 * stuff cleared, so they can go into the zero queue also.
1130 if (p->pindex == PTDPTDI) {
1131 bzero(pde + KPTDI, nkpt * PTESIZE);
1134 pmap_kremove((vm_offset_t)pmap->pm_pdir);
1137 if (pmap->pm_ptphint && (pmap->pm_ptphint->pindex == p->pindex))
1138 pmap->pm_ptphint = NULL;
1141 vmstats.v_wire_count--;
1142 vm_page_free_zero(p);
1147 * this routine is called if the page table page is not
1151 _pmap_allocpte(pmap_t pmap, unsigned ptepindex)
1153 vm_offset_t pteva, ptepa;
1157 * Find or fabricate a new pagetable page
1159 m = vm_page_grab(pmap->pm_pteobj, ptepindex,
1160 VM_ALLOC_NORMAL | VM_ALLOC_ZERO | VM_ALLOC_RETRY);
1162 KASSERT(m->queue == PQ_NONE,
1163 ("_pmap_allocpte: %p->queue != PQ_NONE", m));
1165 if (m->wire_count == 0)
1166 vmstats.v_wire_count++;
1170 * Increment the hold count for the page table page
1171 * (denoting a new mapping.)
1176 * Map the pagetable page into the process address space, if
1177 * it isn't already there.
1180 pmap->pm_stats.resident_count++;
1182 ptepa = VM_PAGE_TO_PHYS(m);
1183 pmap->pm_pdir[ptepindex] =
1184 (pd_entry_t) (ptepa | PG_U | PG_RW | PG_V | PG_A | PG_M);
1187 * Set the page table hint
1189 pmap->pm_ptphint = m;
1192 * Try to use the new mapping, but if we cannot, then
1193 * do it with the routine that maps the page explicitly.
1195 if ((m->flags & PG_ZERO) == 0) {
1196 if ((((unsigned)pmap->pm_pdir[PTDPTDI]) & PG_FRAME) ==
1197 (((unsigned) PTDpde) & PG_FRAME)) {
1198 pteva = UPT_MIN_ADDRESS + i386_ptob(ptepindex);
1199 bzero((caddr_t) pteva, PAGE_SIZE);
1201 pmap_zero_page(ptepa);
1205 m->valid = VM_PAGE_BITS_ALL;
1206 vm_page_flag_clear(m, PG_ZERO);
1207 vm_page_flag_set(m, PG_MAPPED);
1214 pmap_allocpte(pmap_t pmap, vm_offset_t va)
1221 * Calculate pagetable page index
1223 ptepindex = va >> PDRSHIFT;
1226 * Get the page directory entry
1228 ptepa = (vm_offset_t) pmap->pm_pdir[ptepindex];
1231 * This supports switching from a 4MB page to a
1234 if (ptepa & PG_PS) {
1235 pmap->pm_pdir[ptepindex] = 0;
1242 * If the page table page is mapped, we just increment the
1243 * hold count, and activate it.
1247 * In order to get the page table page, try the
1250 if (pmap->pm_ptphint &&
1251 (pmap->pm_ptphint->pindex == ptepindex)) {
1252 m = pmap->pm_ptphint;
1254 m = pmap_page_lookup( pmap->pm_pteobj, ptepindex);
1255 pmap->pm_ptphint = m;
1261 * Here if the pte page isn't mapped, or if it has been deallocated.
1263 return _pmap_allocpte(pmap, ptepindex);
1267 /***************************************************
1268 * Pmap allocation/deallocation routines.
1269 ***************************************************/
1272 * Release any resources held by the given physical map.
1273 * Called when a pmap initialized by pmap_pinit is being released.
1274 * Should only be called if the map contains no valid mappings.
1276 static int pmap_release_callback(struct vm_page *p, void *data);
1279 pmap_release(struct pmap *pmap)
1281 vm_object_t object = pmap->pm_pteobj;
1282 struct rb_vm_page_scan_info info;
1284 #if defined(DIAGNOSTIC)
1285 if (object->ref_count != 1)
1286 panic("pmap_release: pteobj reference count != 1");
1290 info.object = object;
1292 TAILQ_REMOVE(&pmap_list, pmap, pm_pmnode);
1299 info.limit = object->generation;
1301 vm_page_rb_tree_RB_SCAN(&object->rb_memq, NULL,
1302 pmap_release_callback, &info);
1303 if (info.error == 0 && info.mpte) {
1304 if (!pmap_release_free_page(pmap, info.mpte))
1308 } while (info.error);
1312 pmap_release_callback(struct vm_page *p, void *data)
1314 struct rb_vm_page_scan_info *info = data;
1316 if (p->pindex == PTDPTDI) {
1320 if (!pmap_release_free_page(info->pmap, p)) {
1324 if (info->object->generation != info->limit) {
1332 * Grow the number of kernel page table entries, if needed.
1336 pmap_growkernel(vm_offset_t addr)
1339 vm_offset_t ptppaddr;
1344 if (kernel_vm_end == 0) {
1345 kernel_vm_end = KERNBASE;
1347 while (pdir_pde(PTD, kernel_vm_end)) {
1348 kernel_vm_end = (kernel_vm_end + PAGE_SIZE * NPTEPG) & ~(PAGE_SIZE * NPTEPG - 1);
1352 addr = (addr + PAGE_SIZE * NPTEPG) & ~(PAGE_SIZE * NPTEPG - 1);
1353 while (kernel_vm_end < addr) {
1354 if (pdir_pde(PTD, kernel_vm_end)) {
1355 kernel_vm_end = (kernel_vm_end + PAGE_SIZE * NPTEPG) & ~(PAGE_SIZE * NPTEPG - 1);
1360 * This index is bogus, but out of the way
1362 nkpg = vm_page_alloc(kptobj, nkpt,
1363 VM_ALLOC_NORMAL | VM_ALLOC_SYSTEM | VM_ALLOC_INTERRUPT);
1365 panic("pmap_growkernel: no memory to grow kernel");
1368 ptppaddr = VM_PAGE_TO_PHYS(nkpg);
1369 pmap_zero_page(ptppaddr);
1370 newpdir = (pd_entry_t) (ptppaddr | PG_V | PG_RW | PG_A | PG_M);
1371 pdir_pde(PTD, kernel_vm_end) = newpdir;
1372 *pmap_pde(&kernel_pmap, kernel_vm_end) = newpdir;
1376 * This update must be interlocked with pmap_pinit2.
1378 TAILQ_FOREACH(pmap, &pmap_list, pm_pmnode) {
1379 *pmap_pde(pmap, kernel_vm_end) = newpdir;
1381 kernel_vm_end = (kernel_vm_end + PAGE_SIZE * NPTEPG) &
1382 ~(PAGE_SIZE * NPTEPG - 1);
1388 * Retire the given physical map from service.
1389 * Should only be called if the map contains
1390 * no valid mappings.
1393 pmap_destroy(pmap_t pmap)
1400 count = --pmap->pm_count;
1403 panic("destroying a pmap is not yet implemented");
1408 * Add a reference to the specified pmap.
1411 pmap_reference(pmap_t pmap)
1418 /***************************************************
1419 * page management routines.
1420 ***************************************************/
1423 * free the pv_entry back to the free list. This function may be
1424 * called from an interrupt.
1426 static PMAP_INLINE void
1427 free_pv_entry(pv_entry_t pv)
1434 * get a new pv_entry, allocating a block from the system
1435 * when needed. This function may be called from an interrupt.
1441 if (pv_entry_high_water &&
1442 (pv_entry_count > pv_entry_high_water) &&
1443 (pmap_pagedaemon_waken == 0)) {
1444 pmap_pagedaemon_waken = 1;
1445 wakeup (&vm_pages_needed);
1447 return zalloc(pvzone);
1451 * This routine is very drastic, but can save the system
1459 static int warningdone=0;
1461 if (pmap_pagedaemon_waken == 0)
1464 if (warningdone < 5) {
1465 kprintf("pmap_collect: collecting pv entries -- suggest increasing PMAP_SHPGPERPROC\n");
1469 for(i = 0; i < vm_page_array_size; i++) {
1470 m = &vm_page_array[i];
1471 if (m->wire_count || m->hold_count || m->busy ||
1472 (m->flags & PG_BUSY))
1476 pmap_pagedaemon_waken = 0;
1481 * If it is the first entry on the list, it is actually
1482 * in the header and we must copy the following entry up
1483 * to the header. Otherwise we must search the list for
1484 * the entry. In either case we free the now unused entry.
1487 pmap_remove_entry(struct pmap *pmap, vm_page_t m,
1488 vm_offset_t va, pmap_inval_info_t info)
1494 if (m->md.pv_list_count < pmap->pm_stats.resident_count) {
1495 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
1496 if (pmap == pv->pv_pmap && va == pv->pv_va)
1500 TAILQ_FOREACH(pv, &pmap->pm_pvlist, pv_plist) {
1501 if (va == pv->pv_va)
1508 rtval = pmap_unuse_pt(pmap, va, pv->pv_ptem, info);
1509 TAILQ_REMOVE(&m->md.pv_list, pv, pv_list);
1510 m->md.pv_list_count--;
1511 if (TAILQ_FIRST(&m->md.pv_list) == NULL)
1512 vm_page_flag_clear(m, PG_MAPPED | PG_WRITEABLE);
1513 TAILQ_REMOVE(&pmap->pm_pvlist, pv, pv_plist);
1521 * Create a pv entry for page at pa for
1525 pmap_insert_entry(pmap_t pmap, vm_offset_t va, vm_page_t mpte, vm_page_t m)
1530 pv = get_pv_entry();
1535 TAILQ_INSERT_TAIL(&pmap->pm_pvlist, pv, pv_plist);
1536 TAILQ_INSERT_TAIL(&m->md.pv_list, pv, pv_list);
1537 m->md.pv_list_count++;
1543 * pmap_remove_pte: do the things to unmap a page in a process
1546 pmap_remove_pte(struct pmap *pmap, unsigned *ptq, vm_offset_t va,
1547 pmap_inval_info_t info)
1552 pmap_inval_add(info, pmap, va);
1553 oldpte = loadandclear(ptq);
1555 pmap->pm_stats.wired_count -= 1;
1557 * Machines that don't support invlpg, also don't support
1558 * PG_G. XXX PG_G is disabled for SMP so don't worry about
1562 cpu_invlpg((void *)va);
1563 pmap->pm_stats.resident_count -= 1;
1564 if (oldpte & PG_MANAGED) {
1565 m = PHYS_TO_VM_PAGE(oldpte);
1566 if (oldpte & PG_M) {
1567 #if defined(PMAP_DIAGNOSTIC)
1568 if (pmap_nw_modified((pt_entry_t) oldpte)) {
1570 "pmap_remove: modified page not writable: va: 0x%x, pte: 0x%x\n",
1574 if (pmap_track_modified(va))
1578 vm_page_flag_set(m, PG_REFERENCED);
1579 return pmap_remove_entry(pmap, m, va, info);
1581 return pmap_unuse_pt(pmap, va, NULL, info);
1590 * Remove a single page from a process address space.
1592 * This function may not be called from an interrupt if the pmap is
1596 pmap_remove_page(struct pmap *pmap, vm_offset_t va, pmap_inval_info_t info)
1601 * if there is no pte for this address, just skip it!!! Otherwise
1602 * get a local va for mappings for this pmap and remove the entry.
1604 if (*pmap_pde(pmap, va) != 0) {
1605 ptq = get_ptbase(pmap) + i386_btop(va);
1607 pmap_remove_pte(pmap, ptq, va, info);
1615 * Remove the given range of addresses from the specified map.
1617 * It is assumed that the start and end are properly
1618 * rounded to the page size.
1620 * This function may not be called from an interrupt if the pmap is
1624 pmap_remove(struct pmap *pmap, vm_offset_t sva, vm_offset_t eva)
1628 vm_offset_t ptpaddr;
1629 vm_offset_t sindex, eindex;
1630 struct pmap_inval_info info;
1635 if (pmap->pm_stats.resident_count == 0)
1638 pmap_inval_init(&info);
1641 * special handling of removing one page. a very
1642 * common operation and easy to short circuit some
1645 if (((sva + PAGE_SIZE) == eva) &&
1646 (((unsigned) pmap->pm_pdir[(sva >> PDRSHIFT)] & PG_PS) == 0)) {
1647 pmap_remove_page(pmap, sva, &info);
1648 pmap_inval_flush(&info);
1653 * Get a local virtual address for the mappings that are being
1656 ptbase = get_ptbase(pmap);
1658 sindex = i386_btop(sva);
1659 eindex = i386_btop(eva);
1661 for (; sindex < eindex; sindex = pdnxt) {
1665 * Calculate index for next page table.
1667 pdnxt = ((sindex + NPTEPG) & ~(NPTEPG - 1));
1668 if (pmap->pm_stats.resident_count == 0)
1671 pdirindex = sindex / NPDEPG;
1672 if (((ptpaddr = (unsigned) pmap->pm_pdir[pdirindex]) & PG_PS) != 0) {
1673 pmap_inval_add(&info, pmap, -1);
1674 pmap->pm_pdir[pdirindex] = 0;
1675 pmap->pm_stats.resident_count -= NBPDR / PAGE_SIZE;
1680 * Weed out invalid mappings. Note: we assume that the page
1681 * directory table is always allocated, and in kernel virtual.
1687 * Limit our scan to either the end of the va represented
1688 * by the current page table page, or to the end of the
1689 * range being removed.
1691 if (pdnxt > eindex) {
1695 for (; sindex != pdnxt; sindex++) {
1697 if (ptbase[sindex] == 0)
1699 va = i386_ptob(sindex);
1700 if (pmap_remove_pte(pmap, ptbase + sindex, va, &info))
1704 pmap_inval_flush(&info);
1710 * Removes this physical page from all physical maps in which it resides.
1711 * Reflects back modify bits to the pager.
1713 * This routine may not be called from an interrupt.
1717 pmap_remove_all(vm_page_t m)
1719 struct pmap_inval_info info;
1720 unsigned *pte, tpte;
1723 #if defined(PMAP_DIAGNOSTIC)
1725 * XXX this makes pmap_page_protect(NONE) illegal for non-managed
1728 if (!pmap_initialized || (m->flags & PG_FICTITIOUS)) {
1729 panic("pmap_page_protect: illegal for unmanaged page, va: 0x%08llx", (long long)VM_PAGE_TO_PHYS(m));
1733 pmap_inval_init(&info);
1735 while ((pv = TAILQ_FIRST(&m->md.pv_list)) != NULL) {
1736 pv->pv_pmap->pm_stats.resident_count--;
1738 pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
1739 pmap_inval_add(&info, pv->pv_pmap, pv->pv_va);
1741 tpte = loadandclear(pte);
1743 pv->pv_pmap->pm_stats.wired_count--;
1746 vm_page_flag_set(m, PG_REFERENCED);
1749 * Update the vm_page_t clean and reference bits.
1752 #if defined(PMAP_DIAGNOSTIC)
1753 if (pmap_nw_modified((pt_entry_t) tpte)) {
1755 "pmap_remove_all: modified page not writable: va: 0x%x, pte: 0x%x\n",
1759 if (pmap_track_modified(pv->pv_va))
1762 TAILQ_REMOVE(&pv->pv_pmap->pm_pvlist, pv, pv_plist);
1763 TAILQ_REMOVE(&m->md.pv_list, pv, pv_list);
1764 m->md.pv_list_count--;
1765 pmap_unuse_pt(pv->pv_pmap, pv->pv_va, pv->pv_ptem, &info);
1769 vm_page_flag_clear(m, PG_MAPPED | PG_WRITEABLE);
1771 pmap_inval_flush(&info);
1777 * Set the physical protection on the specified range of this map
1780 * This function may not be called from an interrupt if the map is
1781 * not the kernel_pmap.
1784 pmap_protect(pmap_t pmap, vm_offset_t sva, vm_offset_t eva, vm_prot_t prot)
1787 vm_offset_t pdnxt, ptpaddr;
1788 vm_pindex_t sindex, eindex;
1789 pmap_inval_info info;
1794 if ((prot & VM_PROT_READ) == VM_PROT_NONE) {
1795 pmap_remove(pmap, sva, eva);
1799 if (prot & VM_PROT_WRITE)
1802 pmap_inval_init(&info);
1804 ptbase = get_ptbase(pmap);
1806 sindex = i386_btop(sva);
1807 eindex = i386_btop(eva);
1809 for (; sindex < eindex; sindex = pdnxt) {
1813 pdnxt = ((sindex + NPTEPG) & ~(NPTEPG - 1));
1815 pdirindex = sindex / NPDEPG;
1816 if (((ptpaddr = (unsigned) pmap->pm_pdir[pdirindex]) & PG_PS) != 0) {
1817 pmap_inval_add(&info, pmap, -1);
1818 pmap->pm_pdir[pdirindex] &= ~(PG_M|PG_RW);
1819 pmap->pm_stats.resident_count -= NBPDR / PAGE_SIZE;
1824 * Weed out invalid mappings. Note: we assume that the page
1825 * directory table is always allocated, and in kernel virtual.
1830 if (pdnxt > eindex) {
1834 for (; sindex != pdnxt; sindex++) {
1839 /* XXX this isn't optimal */
1840 pmap_inval_add(&info, pmap, i386_ptob(sindex));
1841 pbits = ptbase[sindex];
1843 if (pbits & PG_MANAGED) {
1846 m = PHYS_TO_VM_PAGE(pbits);
1847 vm_page_flag_set(m, PG_REFERENCED);
1851 if (pmap_track_modified(i386_ptob(sindex))) {
1853 m = PHYS_TO_VM_PAGE(pbits);
1862 if (pbits != ptbase[sindex]) {
1863 ptbase[sindex] = pbits;
1867 pmap_inval_flush(&info);
1871 * Insert the given physical page (p) at
1872 * the specified virtual address (v) in the
1873 * target physical map with the protection requested.
1875 * If specified, the page will be wired down, meaning
1876 * that the related pte can not be reclaimed.
1878 * NB: This is the only routine which MAY NOT lazy-evaluate
1879 * or lose information. That is, this routine must actually
1880 * insert this page into the given map NOW.
1883 pmap_enter(pmap_t pmap, vm_offset_t va, vm_page_t m, vm_prot_t prot,
1889 vm_offset_t origpte, newpte;
1891 pmap_inval_info info;
1897 #ifdef PMAP_DIAGNOSTIC
1899 panic("pmap_enter: toobig");
1900 if ((va >= UPT_MIN_ADDRESS) && (va < UPT_MAX_ADDRESS))
1901 panic("pmap_enter: invalid to pmap_enter page table pages (va: 0x%x)", va);
1903 if (va < UPT_MAX_ADDRESS && pmap == &kernel_pmap) {
1904 kprintf("Warning: pmap_enter called on UVA with kernel_pmap\n");
1906 db_print_backtrace();
1909 if (va >= UPT_MAX_ADDRESS && pmap != &kernel_pmap) {
1910 kprintf("Warning: pmap_enter called on KVA without kernel_pmap\n");
1912 db_print_backtrace();
1918 * In the case that a page table page is not
1919 * resident, we are creating it here.
1921 if (va < UPT_MIN_ADDRESS) {
1922 mpte = pmap_allocpte(pmap, va);
1925 pmap_inval_init(&info);
1926 pte = pmap_pte(pmap, va);
1929 * Page Directory table entry not valid, we need a new PT page
1932 panic("pmap_enter: invalid page directory pdir=%x, va=0x%x\n",
1933 (unsigned) pmap->pm_pdir[PTDPTDI], va);
1936 pa = VM_PAGE_TO_PHYS(m) & PG_FRAME;
1937 pmap_inval_add(&info, pmap, va); /* XXX non-optimal */
1938 origpte = *(vm_offset_t *)pte;
1939 opa = origpte & PG_FRAME;
1941 if (origpte & PG_PS)
1942 panic("pmap_enter: attempted pmap_enter on 4MB page");
1945 * Mapping has not changed, must be protection or wiring change.
1947 if (origpte && (opa == pa)) {
1949 * Wiring change, just update stats. We don't worry about
1950 * wiring PT pages as they remain resident as long as there
1951 * are valid mappings in them. Hence, if a user page is wired,
1952 * the PT page will be also.
1954 if (wired && ((origpte & PG_W) == 0))
1955 pmap->pm_stats.wired_count++;
1956 else if (!wired && (origpte & PG_W))
1957 pmap->pm_stats.wired_count--;
1959 #if defined(PMAP_DIAGNOSTIC)
1960 if (pmap_nw_modified((pt_entry_t) origpte)) {
1962 "pmap_enter: modified page not writable: va: 0x%x, pte: 0x%x\n",
1968 * Remove the extra pte reference. Note that we cannot
1969 * optimize the RO->RW case because we have adjusted the
1970 * wiring count above and may need to adjust the wiring
1977 * We might be turning off write access to the page,
1978 * so we go ahead and sense modify status.
1980 if (origpte & PG_MANAGED) {
1981 if ((origpte & PG_M) && pmap_track_modified(va)) {
1983 om = PHYS_TO_VM_PAGE(opa);
1991 * Mapping has changed, invalidate old range and fall through to
1992 * handle validating new mapping.
1996 err = pmap_remove_pte(pmap, pte, va, &info);
1998 panic("pmap_enter: pte vanished, va: 0x%x", va);
2002 * Enter on the PV list if part of our managed memory. Note that we
2003 * raise IPL while manipulating pv_table since pmap_enter can be
2004 * called at interrupt time.
2006 if (pmap_initialized &&
2007 (m->flags & (PG_FICTITIOUS|PG_UNMANAGED)) == 0) {
2008 pmap_insert_entry(pmap, va, mpte, m);
2013 * Increment counters
2015 pmap->pm_stats.resident_count++;
2017 pmap->pm_stats.wired_count++;
2021 * Now validate mapping with desired protection/wiring.
2023 newpte = (vm_offset_t) (pa | pte_prot(pmap, prot) | PG_V);
2027 if (va < UPT_MIN_ADDRESS)
2029 if (pmap == &kernel_pmap)
2033 * if the mapping or permission bits are different, we need
2034 * to update the pte.
2036 if ((origpte & ~(PG_M|PG_A)) != newpte) {
2037 *pte = newpte | PG_A;
2039 pmap_inval_flush(&info);
2043 * this code makes some *MAJOR* assumptions:
2044 * 1. Current pmap & pmap exists.
2047 * 4. No page table pages.
2048 * 5. Tlbflush is deferred to calling procedure.
2049 * 6. Page IS managed.
2050 * but is *MUCH* faster than pmap_enter...
2054 pmap_enter_quick(pmap_t pmap, vm_offset_t va, vm_page_t m, vm_page_t mpte)
2058 pmap_inval_info info;
2060 pmap_inval_init(&info);
2062 if (va < UPT_MAX_ADDRESS && pmap == &kernel_pmap) {
2063 kprintf("Warning: pmap_enter_quick called on UVA with kernel_pmap\n");
2065 db_print_backtrace();
2068 if (va >= UPT_MAX_ADDRESS && pmap != &kernel_pmap) {
2069 kprintf("Warning: pmap_enter_quick called on KVA without kernel_pmap\n");
2071 db_print_backtrace();
2076 * In the case that a page table page is not
2077 * resident, we are creating it here.
2079 if (va < UPT_MIN_ADDRESS) {
2084 * Calculate pagetable page index
2086 ptepindex = va >> PDRSHIFT;
2087 if (mpte && (mpte->pindex == ptepindex)) {
2092 * Get the page directory entry
2094 ptepa = (vm_offset_t) pmap->pm_pdir[ptepindex];
2097 * If the page table page is mapped, we just increment
2098 * the hold count, and activate it.
2102 panic("pmap_enter_quick: unexpected mapping into 4MB page");
2103 if (pmap->pm_ptphint &&
2104 (pmap->pm_ptphint->pindex == ptepindex)) {
2105 mpte = pmap->pm_ptphint;
2107 mpte = pmap_page_lookup( pmap->pm_pteobj, ptepindex);
2108 pmap->pm_ptphint = mpte;
2114 mpte = _pmap_allocpte(pmap, ptepindex);
2122 * This call to vtopte makes the assumption that we are
2123 * entering the page into the current pmap. In order to support
2124 * quick entry into any pmap, one would likely use pmap_pte_quick.
2125 * But that isn't as quick as vtopte.
2127 pte = (unsigned *)vtopte(va);
2130 pmap_unwire_pte_hold(pmap, mpte, &info);
2135 * Enter on the PV list if part of our managed memory. Note that we
2136 * raise IPL while manipulating pv_table since pmap_enter can be
2137 * called at interrupt time.
2139 if ((m->flags & (PG_FICTITIOUS|PG_UNMANAGED)) == 0)
2140 pmap_insert_entry(pmap, va, mpte, m);
2143 * Increment counters
2145 pmap->pm_stats.resident_count++;
2147 pa = VM_PAGE_TO_PHYS(m);
2150 * Now validate mapping with RO protection
2152 if (m->flags & (PG_FICTITIOUS|PG_UNMANAGED))
2153 *pte = pa | PG_V | PG_U;
2155 *pte = pa | PG_V | PG_U | PG_MANAGED;
2161 * Make a temporary mapping for a physical address. This is only intended
2162 * to be used for panic dumps.
2165 pmap_kenter_temporary(vm_paddr_t pa, int i)
2167 pmap_kenter((vm_offset_t)crashdumpmap + (i * PAGE_SIZE), pa);
2168 return ((void *)crashdumpmap);
2171 #define MAX_INIT_PT (96)
2174 * This routine preloads the ptes for a given object into the specified pmap.
2175 * This eliminates the blast of soft faults on process startup and
2176 * immediately after an mmap.
2178 static int pmap_object_init_pt_callback(vm_page_t p, void *data);
2181 pmap_object_init_pt(pmap_t pmap, vm_offset_t addr, vm_prot_t prot,
2182 vm_object_t object, vm_pindex_t pindex,
2183 vm_size_t size, int limit)
2185 struct rb_vm_page_scan_info info;
2189 * We can't preinit if read access isn't set or there is no pmap
2192 if ((prot & VM_PROT_READ) == 0 || pmap == NULL || object == NULL)
2196 * We can't preinit if the pmap is not the current pmap
2198 if (curproc == NULL || pmap != vmspace_pmap(curproc->p_vmspace))
2201 psize = i386_btop(size);
2203 if ((object->type != OBJT_VNODE) ||
2204 ((limit & MAP_PREFAULT_PARTIAL) && (psize > MAX_INIT_PT) &&
2205 (object->resident_page_count > MAX_INIT_PT))) {
2209 if (psize + pindex > object->size) {
2210 if (object->size < pindex)
2212 psize = object->size - pindex;
2219 * Use a red-black scan to traverse the requested range and load
2220 * any valid pages found into the pmap.
2222 * We cannot safely scan the object's memq unless we are in a
2223 * critical section since interrupts can remove pages from objects.
2225 info.start_pindex = pindex;
2226 info.end_pindex = pindex + psize - 1;
2233 vm_page_rb_tree_RB_SCAN(&object->rb_memq, rb_vm_page_scancmp,
2234 pmap_object_init_pt_callback, &info);
2240 pmap_object_init_pt_callback(vm_page_t p, void *data)
2242 struct rb_vm_page_scan_info *info = data;
2243 vm_pindex_t rel_index;
2245 * don't allow an madvise to blow away our really
2246 * free pages allocating pv entries.
2248 if ((info->limit & MAP_PREFAULT_MADVISE) &&
2249 vmstats.v_free_count < vmstats.v_free_reserved) {
2252 if (((p->valid & VM_PAGE_BITS_ALL) == VM_PAGE_BITS_ALL) &&
2253 (p->busy == 0) && (p->flags & (PG_BUSY | PG_FICTITIOUS)) == 0) {
2254 if ((p->queue - p->pc) == PQ_CACHE)
2255 vm_page_deactivate(p);
2257 rel_index = p->pindex - info->start_pindex;
2258 info->mpte = pmap_enter_quick(info->pmap,
2259 info->addr + i386_ptob(rel_index),
2261 vm_page_flag_set(p, PG_MAPPED);
2268 * pmap_prefault provides a quick way of clustering pagefaults into a
2269 * processes address space. It is a "cousin" of pmap_object_init_pt,
2270 * except it runs at page fault time instead of mmap time.
2274 #define PAGEORDER_SIZE (PFBAK+PFFOR)
2276 static int pmap_prefault_pageorder[] = {
2277 -PAGE_SIZE, PAGE_SIZE,
2278 -2 * PAGE_SIZE, 2 * PAGE_SIZE,
2279 -3 * PAGE_SIZE, 3 * PAGE_SIZE,
2280 -4 * PAGE_SIZE, 4 * PAGE_SIZE
2284 pmap_prefault(pmap_t pmap, vm_offset_t addra, vm_map_entry_t entry)
2294 * We do not currently prefault mappings that use virtual page
2295 * tables. We do not prefault foreign pmaps.
2297 if (entry->maptype == VM_MAPTYPE_VPAGETABLE)
2299 if (curproc == NULL || (pmap != vmspace_pmap(curproc->p_vmspace)))
2302 object = entry->object.vm_object;
2304 starta = addra - PFBAK * PAGE_SIZE;
2305 if (starta < entry->start)
2306 starta = entry->start;
2307 else if (starta > addra)
2311 * critical section protection is required to maintain the
2312 * page/object association, interrupts can free pages and remove
2313 * them from their objects.
2317 for (i = 0; i < PAGEORDER_SIZE; i++) {
2318 vm_object_t lobject;
2321 addr = addra + pmap_prefault_pageorder[i];
2322 if (addr > addra + (PFFOR * PAGE_SIZE))
2325 if (addr < starta || addr >= entry->end)
2328 if ((*pmap_pde(pmap, addr)) == NULL)
2331 pte = (unsigned *) vtopte(addr);
2335 pindex = ((addr - entry->start) + entry->offset) >> PAGE_SHIFT;
2338 for (m = vm_page_lookup(lobject, pindex);
2339 (!m && (lobject->type == OBJT_DEFAULT) &&
2340 (lobject->backing_object));
2341 lobject = lobject->backing_object
2343 if (lobject->backing_object_offset & PAGE_MASK)
2345 pindex += (lobject->backing_object_offset >> PAGE_SHIFT);
2346 m = vm_page_lookup(lobject->backing_object, pindex);
2350 * give-up when a page is not in memory
2355 if (((m->valid & VM_PAGE_BITS_ALL) == VM_PAGE_BITS_ALL) &&
2357 (m->flags & (PG_BUSY | PG_FICTITIOUS)) == 0) {
2359 if ((m->queue - m->pc) == PQ_CACHE) {
2360 vm_page_deactivate(m);
2363 mpte = pmap_enter_quick(pmap, addr, m, mpte);
2364 vm_page_flag_set(m, PG_MAPPED);
2372 * Routine: pmap_change_wiring
2373 * Function: Change the wiring attribute for a map/virtual-address
2375 * In/out conditions:
2376 * The mapping must already exist in the pmap.
2379 pmap_change_wiring(pmap_t pmap, vm_offset_t va, boolean_t wired)
2386 pte = pmap_pte(pmap, va);
2388 if (wired && !pmap_pte_w(pte))
2389 pmap->pm_stats.wired_count++;
2390 else if (!wired && pmap_pte_w(pte))
2391 pmap->pm_stats.wired_count--;
2394 * Wiring is not a hardware characteristic so there is no need to
2395 * invalidate TLB. However, in an SMP environment we must use
2396 * a locked bus cycle to update the pte (if we are not using
2397 * the pmap_inval_*() API that is)... it's ok to do this for simple
2402 atomic_set_int(pte, PG_W);
2404 atomic_clear_int(pte, PG_W);
2407 atomic_set_int_nonlocked(pte, PG_W);
2409 atomic_clear_int_nonlocked(pte, PG_W);
2416 * Copy the range specified by src_addr/len
2417 * from the source map to the range dst_addr/len
2418 * in the destination map.
2420 * This routine is only advisory and need not do anything.
2423 pmap_copy(pmap_t dst_pmap, pmap_t src_pmap, vm_offset_t dst_addr,
2424 vm_size_t len, vm_offset_t src_addr)
2426 pmap_inval_info info;
2428 vm_offset_t end_addr = src_addr + len;
2430 unsigned src_frame, dst_frame;
2433 if (dst_addr != src_addr)
2436 src_frame = ((unsigned) src_pmap->pm_pdir[PTDPTDI]) & PG_FRAME;
2437 if (src_frame != (((unsigned) PTDpde) & PG_FRAME)) {
2441 dst_frame = ((unsigned) dst_pmap->pm_pdir[PTDPTDI]) & PG_FRAME;
2442 if (dst_frame != (((unsigned) APTDpde) & PG_FRAME)) {
2443 APTDpde = (pd_entry_t) (dst_frame | PG_RW | PG_V);
2444 /* The page directory is not shared between CPUs */
2447 pmap_inval_init(&info);
2448 pmap_inval_add(&info, dst_pmap, -1);
2449 pmap_inval_add(&info, src_pmap, -1);
2452 * critical section protection is required to maintain the page/object
2453 * association, interrupts can free pages and remove them from
2457 for (addr = src_addr; addr < end_addr; addr = pdnxt) {
2458 unsigned *src_pte, *dst_pte;
2459 vm_page_t dstmpte, srcmpte;
2460 vm_offset_t srcptepaddr;
2463 if (addr >= UPT_MIN_ADDRESS)
2464 panic("pmap_copy: invalid to pmap_copy page tables\n");
2467 * Don't let optional prefaulting of pages make us go
2468 * way below the low water mark of free pages or way
2469 * above high water mark of used pv entries.
2471 if (vmstats.v_free_count < vmstats.v_free_reserved ||
2472 pv_entry_count > pv_entry_high_water)
2475 pdnxt = ((addr + PAGE_SIZE*NPTEPG) & ~(PAGE_SIZE*NPTEPG - 1));
2476 ptepindex = addr >> PDRSHIFT;
2478 srcptepaddr = (vm_offset_t) src_pmap->pm_pdir[ptepindex];
2479 if (srcptepaddr == 0)
2482 if (srcptepaddr & PG_PS) {
2483 if (dst_pmap->pm_pdir[ptepindex] == 0) {
2484 dst_pmap->pm_pdir[ptepindex] = (pd_entry_t) srcptepaddr;
2485 dst_pmap->pm_stats.resident_count += NBPDR / PAGE_SIZE;
2490 srcmpte = vm_page_lookup(src_pmap->pm_pteobj, ptepindex);
2491 if ((srcmpte == NULL) ||
2492 (srcmpte->hold_count == 0) || (srcmpte->flags & PG_BUSY))
2495 if (pdnxt > end_addr)
2498 src_pte = (unsigned *) vtopte(addr);
2499 dst_pte = (unsigned *) avtopte(addr);
2500 while (addr < pdnxt) {
2505 * we only virtual copy managed pages
2507 if ((ptetemp & PG_MANAGED) != 0) {
2509 * We have to check after allocpte for the
2510 * pte still being around... allocpte can
2513 dstmpte = pmap_allocpte(dst_pmap, addr);
2514 if ((*dst_pte == 0) && (ptetemp = *src_pte)) {
2516 * Clear the modified and
2517 * accessed (referenced) bits
2520 m = PHYS_TO_VM_PAGE(ptetemp);
2521 *dst_pte = ptetemp & ~(PG_M | PG_A);
2522 dst_pmap->pm_stats.resident_count++;
2523 pmap_insert_entry(dst_pmap, addr,
2526 pmap_unwire_pte_hold(dst_pmap, dstmpte, &info);
2528 if (dstmpte->hold_count >= srcmpte->hold_count)
2537 pmap_inval_flush(&info);
2543 * Zero the specified PA by mapping the page into KVM and clearing its
2546 * This function may be called from an interrupt and no locking is
2550 pmap_zero_page(vm_paddr_t phys)
2552 struct mdglobaldata *gd = mdcpu;
2555 if (*(int *)gd->gd_CMAP3)
2556 panic("pmap_zero_page: CMAP3 busy");
2557 *(int *)gd->gd_CMAP3 =
2558 PG_V | PG_RW | (phys & PG_FRAME) | PG_A | PG_M;
2559 cpu_invlpg(gd->gd_CADDR3);
2561 #if defined(I686_CPU)
2562 if (cpu_class == CPUCLASS_686)
2563 i686_pagezero(gd->gd_CADDR3);
2566 bzero(gd->gd_CADDR3, PAGE_SIZE);
2567 *(int *) gd->gd_CMAP3 = 0;
2572 * pmap_page_assertzero:
2574 * Assert that a page is empty, panic if it isn't.
2577 pmap_page_assertzero(vm_paddr_t phys)
2579 struct mdglobaldata *gd = mdcpu;
2583 if (*(int *)gd->gd_CMAP3)
2584 panic("pmap_zero_page: CMAP3 busy");
2585 *(int *)gd->gd_CMAP3 =
2586 PG_V | PG_RW | (phys & PG_FRAME) | PG_A | PG_M;
2587 cpu_invlpg(gd->gd_CADDR3);
2588 for (i = 0; i < PAGE_SIZE; i += 4) {
2589 if (*(int *)((char *)gd->gd_CADDR3 + i) != 0) {
2590 panic("pmap_page_assertzero() @ %p not zero!\n",
2591 (void *)gd->gd_CADDR3);
2594 *(int *) gd->gd_CMAP3 = 0;
2601 * Zero part of a physical page by mapping it into memory and clearing
2602 * its contents with bzero.
2604 * off and size may not cover an area beyond a single hardware page.
2607 pmap_zero_page_area(vm_paddr_t phys, int off, int size)
2609 struct mdglobaldata *gd = mdcpu;
2612 if (*(int *) gd->gd_CMAP3)
2613 panic("pmap_zero_page: CMAP3 busy");
2614 *(int *) gd->gd_CMAP3 = PG_V | PG_RW | (phys & PG_FRAME) | PG_A | PG_M;
2615 cpu_invlpg(gd->gd_CADDR3);
2617 #if defined(I686_CPU)
2618 if (cpu_class == CPUCLASS_686 && off == 0 && size == PAGE_SIZE)
2619 i686_pagezero(gd->gd_CADDR3);
2622 bzero((char *)gd->gd_CADDR3 + off, size);
2623 *(int *) gd->gd_CMAP3 = 0;
2630 * Copy the physical page from the source PA to the target PA.
2631 * This function may be called from an interrupt. No locking
2635 pmap_copy_page(vm_paddr_t src, vm_paddr_t dst)
2637 struct mdglobaldata *gd = mdcpu;
2640 if (*(int *) gd->gd_CMAP1)
2641 panic("pmap_copy_page: CMAP1 busy");
2642 if (*(int *) gd->gd_CMAP2)
2643 panic("pmap_copy_page: CMAP2 busy");
2645 *(int *) gd->gd_CMAP1 = PG_V | (src & PG_FRAME) | PG_A;
2646 *(int *) gd->gd_CMAP2 = PG_V | PG_RW | (dst & PG_FRAME) | PG_A | PG_M;
2648 cpu_invlpg(gd->gd_CADDR1);
2649 cpu_invlpg(gd->gd_CADDR2);
2651 bcopy(gd->gd_CADDR1, gd->gd_CADDR2, PAGE_SIZE);
2653 *(int *) gd->gd_CMAP1 = 0;
2654 *(int *) gd->gd_CMAP2 = 0;
2659 * pmap_copy_page_frag:
2661 * Copy the physical page from the source PA to the target PA.
2662 * This function may be called from an interrupt. No locking
2666 pmap_copy_page_frag(vm_paddr_t src, vm_paddr_t dst, size_t bytes)
2668 struct mdglobaldata *gd = mdcpu;
2671 if (*(int *) gd->gd_CMAP1)
2672 panic("pmap_copy_page: CMAP1 busy");
2673 if (*(int *) gd->gd_CMAP2)
2674 panic("pmap_copy_page: CMAP2 busy");
2676 *(int *) gd->gd_CMAP1 = PG_V | (src & PG_FRAME) | PG_A;
2677 *(int *) gd->gd_CMAP2 = PG_V | PG_RW | (dst & PG_FRAME) | PG_A | PG_M;
2679 cpu_invlpg(gd->gd_CADDR1);
2680 cpu_invlpg(gd->gd_CADDR2);
2682 bcopy((char *)gd->gd_CADDR1 + (src & PAGE_MASK),
2683 (char *)gd->gd_CADDR2 + (dst & PAGE_MASK),
2686 *(int *) gd->gd_CMAP1 = 0;
2687 *(int *) gd->gd_CMAP2 = 0;
2692 * Returns true if the pmap's pv is one of the first
2693 * 16 pvs linked to from this page. This count may
2694 * be changed upwards or downwards in the future; it
2695 * is only necessary that true be returned for a small
2696 * subset of pmaps for proper page aging.
2699 pmap_page_exists_quick(pmap_t pmap, vm_page_t m)
2704 if (!pmap_initialized || (m->flags & PG_FICTITIOUS))
2709 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
2710 if (pv->pv_pmap == pmap) {
2723 * Remove all pages from specified address space
2724 * this aids process exit speeds. Also, this code
2725 * is special cased for current process only, but
2726 * can have the more generic (and slightly slower)
2727 * mode enabled. This is much faster than pmap_remove
2728 * in the case of running down an entire address space.
2731 pmap_remove_pages(pmap_t pmap, vm_offset_t sva, vm_offset_t eva)
2733 unsigned *pte, tpte;
2736 pmap_inval_info info;
2739 if (curproc && pmap == vmspace_pmap(curproc->p_vmspace))
2744 pmap_inval_init(&info);
2746 for (pv = TAILQ_FIRST(&pmap->pm_pvlist); pv; pv = npv) {
2748 if (pv->pv_va >= eva || pv->pv_va < sva) {
2749 npv = TAILQ_NEXT(pv, pv_plist);
2754 pte = (unsigned *)vtopte(pv->pv_va);
2756 pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
2757 if (pmap->pm_active)
2758 pmap_inval_add(&info, pv->pv_pmap, pv->pv_va);
2762 * We cannot remove wired pages from a process' mapping
2766 npv = TAILQ_NEXT(pv, pv_plist);
2771 m = PHYS_TO_VM_PAGE(tpte);
2773 KASSERT(m < &vm_page_array[vm_page_array_size],
2774 ("pmap_remove_pages: bad tpte %x", tpte));
2776 pv->pv_pmap->pm_stats.resident_count--;
2779 * Update the vm_page_t clean and reference bits.
2786 npv = TAILQ_NEXT(pv, pv_plist);
2787 TAILQ_REMOVE(&pv->pv_pmap->pm_pvlist, pv, pv_plist);
2789 m->md.pv_list_count--;
2790 TAILQ_REMOVE(&m->md.pv_list, pv, pv_list);
2791 if (TAILQ_FIRST(&m->md.pv_list) == NULL) {
2792 vm_page_flag_clear(m, PG_MAPPED | PG_WRITEABLE);
2795 pmap_unuse_pt(pv->pv_pmap, pv->pv_va, pv->pv_ptem, &info);
2798 pmap_inval_flush(&info);
2803 * pmap_testbit tests bits in pte's
2804 * note that the testbit/clearbit routines are inline,
2805 * and a lot of things compile-time evaluate.
2808 pmap_testbit(vm_page_t m, int bit)
2813 if (!pmap_initialized || (m->flags & PG_FICTITIOUS))
2816 if (TAILQ_FIRST(&m->md.pv_list) == NULL)
2821 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
2823 * if the bit being tested is the modified bit, then
2824 * mark clean_map and ptes as never
2827 if (bit & (PG_A|PG_M)) {
2828 if (!pmap_track_modified(pv->pv_va))
2832 #if defined(PMAP_DIAGNOSTIC)
2834 kprintf("Null pmap (tb) at va: 0x%x\n", pv->pv_va);
2838 pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
2849 * this routine is used to modify bits in ptes
2851 static __inline void
2852 pmap_clearbit(vm_page_t m, int bit)
2854 struct pmap_inval_info info;
2859 if (!pmap_initialized || (m->flags & PG_FICTITIOUS))
2862 pmap_inval_init(&info);
2866 * Loop over all current mappings setting/clearing as appropos If
2867 * setting RO do we need to clear the VAC?
2869 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
2871 * don't write protect pager mappings
2874 if (!pmap_track_modified(pv->pv_va))
2878 #if defined(PMAP_DIAGNOSTIC)
2880 kprintf("Null pmap (cb) at va: 0x%x\n", pv->pv_va);
2886 * Careful here. We can use a locked bus instruction to
2887 * clear PG_A or PG_M safely but we need to synchronize
2888 * with the target cpus when we mess with PG_RW.
2890 * We do not have to force synchronization when clearing
2891 * PG_M even for PTEs generated via virtual memory maps,
2892 * because the virtual kernel will invalidate the pmap
2893 * entry when/if it needs to resynchronize the Modify bit.
2895 pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
2897 pmap_inval_add(&info, pv->pv_pmap, pv->pv_va);
2904 atomic_clear_int(pte, PG_M|PG_RW);
2905 } else if (bit == PG_M) {
2907 * We could also clear PG_RW here to force
2908 * a fault on write to redetect PG_M for
2909 * virtual kernels, but it isn't necessary
2910 * since virtual kernels invalidate the pte
2911 * when they clear the VPTE_M bit in their
2912 * virtual page tables.
2914 atomic_clear_int(pte, PG_M);
2916 atomic_clear_int(pte, bit);
2920 pmap_inval_flush(&info);
2925 * pmap_page_protect:
2927 * Lower the permission for all mappings to a given page.
2930 pmap_page_protect(vm_page_t m, vm_prot_t prot)
2932 if ((prot & VM_PROT_WRITE) == 0) {
2933 if (prot & (VM_PROT_READ | VM_PROT_EXECUTE)) {
2934 pmap_clearbit(m, PG_RW);
2942 pmap_phys_address(int ppn)
2944 return (i386_ptob(ppn));
2948 * pmap_ts_referenced:
2950 * Return a count of reference bits for a page, clearing those bits.
2951 * It is not necessary for every reference bit to be cleared, but it
2952 * is necessary that 0 only be returned when there are truly no
2953 * reference bits set.
2955 * XXX: The exact number of bits to check and clear is a matter that
2956 * should be tested and standardized at some point in the future for
2957 * optimal aging of shared pages.
2960 pmap_ts_referenced(vm_page_t m)
2962 pv_entry_t pv, pvf, pvn;
2966 if (!pmap_initialized || (m->flags & PG_FICTITIOUS))
2971 if ((pv = TAILQ_FIRST(&m->md.pv_list)) != NULL) {
2976 pvn = TAILQ_NEXT(pv, pv_list);
2978 TAILQ_REMOVE(&m->md.pv_list, pv, pv_list);
2980 TAILQ_INSERT_TAIL(&m->md.pv_list, pv, pv_list);
2982 if (!pmap_track_modified(pv->pv_va))
2985 pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
2987 if (pte && (*pte & PG_A)) {
2989 atomic_clear_int(pte, PG_A);
2991 atomic_clear_int_nonlocked(pte, PG_A);
2998 } while ((pv = pvn) != NULL && pv != pvf);
3008 * Return whether or not the specified physical page was modified
3009 * in any physical maps.
3012 pmap_is_modified(vm_page_t m)
3014 return pmap_testbit(m, PG_M);
3018 * Clear the modify bits on the specified physical page.
3021 pmap_clear_modify(vm_page_t m)
3023 pmap_clearbit(m, PG_M);
3027 * pmap_clear_reference:
3029 * Clear the reference bit on the specified physical page.
3032 pmap_clear_reference(vm_page_t m)
3034 pmap_clearbit(m, PG_A);
3038 * Miscellaneous support routines follow
3042 i386_protection_init(void)
3046 kp = protection_codes;
3047 for (prot = 0; prot < 8; prot++) {
3049 case VM_PROT_NONE | VM_PROT_NONE | VM_PROT_NONE:
3051 * Read access is also 0. There isn't any execute bit,
3052 * so just make it readable.
3054 case VM_PROT_READ | VM_PROT_NONE | VM_PROT_NONE:
3055 case VM_PROT_READ | VM_PROT_NONE | VM_PROT_EXECUTE:
3056 case VM_PROT_NONE | VM_PROT_NONE | VM_PROT_EXECUTE:
3059 case VM_PROT_NONE | VM_PROT_WRITE | VM_PROT_NONE:
3060 case VM_PROT_NONE | VM_PROT_WRITE | VM_PROT_EXECUTE:
3061 case VM_PROT_READ | VM_PROT_WRITE | VM_PROT_NONE:
3062 case VM_PROT_READ | VM_PROT_WRITE | VM_PROT_EXECUTE:
3070 * Map a set of physical memory pages into the kernel virtual
3071 * address space. Return a pointer to where it is mapped. This
3072 * routine is intended to be used for mapping device memory,
3075 * NOTE: we can't use pgeflag unless we invalidate the pages one at
3079 pmap_mapdev(vm_paddr_t pa, vm_size_t size)
3081 vm_offset_t va, tmpva, offset;
3084 offset = pa & PAGE_MASK;
3085 size = roundup(offset + size, PAGE_SIZE);
3087 va = kmem_alloc_nofault(&kernel_map, size);
3089 panic("pmap_mapdev: Couldn't alloc kernel virtual memory");
3092 for (tmpva = va; size > 0;) {
3093 pte = (unsigned *)vtopte(tmpva);
3094 *pte = pa | PG_RW | PG_V; /* | pgeflag; */
3102 return ((void *)(va + offset));
3106 pmap_unmapdev(vm_offset_t va, vm_size_t size)
3108 vm_offset_t base, offset;
3110 base = va & PG_FRAME;
3111 offset = va & PAGE_MASK;
3112 size = roundup(offset + size, PAGE_SIZE);
3113 pmap_qremove(va, size >> PAGE_SHIFT);
3114 kmem_free(&kernel_map, base, size);
3118 * perform the pmap work for mincore
3121 pmap_mincore(pmap_t pmap, vm_offset_t addr)
3123 unsigned *ptep, pte;
3127 ptep = pmap_pte(pmap, addr);
3132 if ((pte = *ptep) != 0) {
3135 val = MINCORE_INCORE;
3136 if ((pte & PG_MANAGED) == 0)
3139 pa = pte & PG_FRAME;
3141 m = PHYS_TO_VM_PAGE(pa);
3147 val |= MINCORE_MODIFIED|MINCORE_MODIFIED_OTHER;
3149 * Modified by someone
3151 else if (m->dirty || pmap_is_modified(m))
3152 val |= MINCORE_MODIFIED_OTHER;
3157 val |= MINCORE_REFERENCED|MINCORE_REFERENCED_OTHER;
3160 * Referenced by someone
3162 else if ((m->flags & PG_REFERENCED) || pmap_ts_referenced(m)) {
3163 val |= MINCORE_REFERENCED_OTHER;
3164 vm_page_flag_set(m, PG_REFERENCED);
3171 pmap_activate(struct proc *p)
3175 pmap = vmspace_pmap(p->p_vmspace);
3177 atomic_set_int(&pmap->pm_active, 1 << mycpu->gd_cpuid);
3179 pmap->pm_active |= 1;
3181 #if defined(SWTCH_OPTIM_STATS)
3184 p->p_thread->td_pcb->pcb_cr3 = vtophys(pmap->pm_pdir);
3185 load_cr3(p->p_thread->td_pcb->pcb_cr3);
3189 pmap_deactivate(struct proc *p)
3193 pmap = vmspace_pmap(p->p_vmspace);
3195 atomic_clear_int(&pmap->pm_active, 1 << mycpu->gd_cpuid);
3197 pmap->pm_active &= ~1;
3200 * XXX - note we do not adjust %cr3. The caller is expected to
3201 * activate a new pmap or do a thread-exit.
3206 pmap_addr_hint(vm_object_t obj, vm_offset_t addr, vm_size_t size)
3209 if ((obj == NULL) || (size < NBPDR) || (obj->type != OBJT_DEVICE)) {
3213 addr = (addr + (NBPDR - 1)) & ~(NBPDR - 1);
3220 static void pads (pmap_t pm);
3221 void pmap_pvdump (vm_paddr_t pa);
3223 /* print address space of pmap*/
3230 if (pm == &kernel_pmap)
3232 for (i = 0; i < 1024; i++)
3234 for (j = 0; j < 1024; j++) {
3235 va = (i << PDRSHIFT) + (j << PAGE_SHIFT);
3236 if (pm == &kernel_pmap && va < KERNBASE)
3238 if (pm != &kernel_pmap && va > UPT_MAX_ADDRESS)
3240 ptep = pmap_pte_quick(pm, va);
3241 if (pmap_pte_v(ptep))
3242 kprintf("%x:%x ", va, *(int *) ptep);
3248 pmap_pvdump(vm_paddr_t pa)
3253 kprintf("pa %08llx", (long long)pa);
3254 m = PHYS_TO_VM_PAGE(pa);
3255 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
3257 kprintf(" -> pmap %p, va %x, flags %x",
3258 (void *)pv->pv_pmap, pv->pv_va, pv->pv_flags);
3260 kprintf(" -> pmap %p, va %x", (void *)pv->pv_pmap, pv->pv_va);
lentferj's projects / dragonfly.git / blob