Print this page
NEX-19598 HAT panic
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>
Reviewed by: Sanjay Nadkarni <sanjay.nadkarni@nexenta.com>
NEX-16970 assertion failed: ht->ht_valid_cnt >= 0, file: ../../i86pc/vm/htable.c, line: 1204
Reviewed by: Sanjay Nadkarni <sanjay.nadkarni@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Rob Gittins <rob.gittins@nexenta.com>
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>
NEX-18463 Parallel dump produces corrupted dump file
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>
Reviewed by: Rick McNeal <rick.mcneal@nexenta.com>
NEX-5164 backport illumos 6514 AS_* lock macros simplification
Reviewed by: Kevin Crowe <kevin.crowe@nexenta.com>
6514 AS_* lock macros simplification
Reviewed by: Piotr Jasiukajtis <estibi@me.com>
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>
Reviewed by: Albert Lee <trisk@omniti.com>
Approved by: Dan McDonald <danmcd@omniti.com>
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/i86pc/vm/hat_i86.c
+++ new/usr/src/uts/i86pc/vm/hat_i86.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
|
↓ open down ↓ |
18 lines elided |
↑ open up ↑ |
19 19 * CDDL HEADER END
20 20 */
21 21 /*
22 22 * Copyright (c) 1992, 2010, Oracle and/or its affiliates. All rights reserved.
23 23 */
24 24 /*
25 25 * Copyright (c) 2010, Intel Corporation.
26 26 * All rights reserved.
27 27 */
28 28 /*
29 - * Copyright 2011 Nexenta Systems, Inc. All rights reserved.
29 + * Copyright 2019 Nexenta Systems, Inc. All rights reserved.
30 + * Copyright 2018 Joyent, Inc. All rights reserved.
30 31 * Copyright (c) 2014, 2015 by Delphix. All rights reserved.
31 32 */
32 33
33 34 /*
34 35 * VM - Hardware Address Translation management for i386 and amd64
35 36 *
36 37 * Implementation of the interfaces described in <common/vm/hat.h>
37 38 *
38 39 * Nearly all the details of how the hardware is managed should not be
39 40 * visible outside this layer except for misc. machine specific functions
40 41 * that work in conjunction with this code.
41 42 *
42 43 * Routines used only inside of i86pc/vm start with hati_ for HAT Internal.
43 44 */
44 45
45 46 #include <sys/machparam.h>
46 47 #include <sys/machsystm.h>
47 48 #include <sys/mman.h>
48 49 #include <sys/types.h>
49 50 #include <sys/systm.h>
50 51 #include <sys/cpuvar.h>
51 52 #include <sys/thread.h>
52 53 #include <sys/proc.h>
53 54 #include <sys/cpu.h>
54 55 #include <sys/kmem.h>
55 56 #include <sys/disp.h>
56 57 #include <sys/shm.h>
57 58 #include <sys/sysmacros.h>
58 59 #include <sys/machparam.h>
59 60 #include <sys/vmem.h>
60 61 #include <sys/vmsystm.h>
61 62 #include <sys/promif.h>
62 63 #include <sys/var.h>
63 64 #include <sys/x86_archext.h>
64 65 #include <sys/atomic.h>
65 66 #include <sys/bitmap.h>
66 67 #include <sys/controlregs.h>
67 68 #include <sys/bootconf.h>
68 69 #include <sys/bootsvcs.h>
69 70 #include <sys/bootinfo.h>
70 71 #include <sys/archsystm.h>
71 72
72 73 #include <vm/seg_kmem.h>
73 74 #include <vm/hat_i86.h>
74 75 #include <vm/as.h>
75 76 #include <vm/seg.h>
76 77 #include <vm/page.h>
77 78 #include <vm/seg_kp.h>
78 79 #include <vm/seg_kpm.h>
79 80 #include <vm/vm_dep.h>
80 81 #ifdef __xpv
81 82 #include <sys/hypervisor.h>
82 83 #endif
83 84 #include <vm/kboot_mmu.h>
84 85 #include <vm/seg_spt.h>
85 86
86 87 #include <sys/cmn_err.h>
87 88
88 89 /*
89 90 * Basic parameters for hat operation.
90 91 */
91 92 struct hat_mmu_info mmu;
92 93
93 94 /*
94 95 * The page that is the kernel's top level pagetable.
95 96 *
96 97 * For 32 bit PAE support on i86pc, the kernel hat will use the 1st 4 entries
97 98 * on this 4K page for its top level page table. The remaining groups of
98 99 * 4 entries are used for per processor copies of user VLP pagetables for
99 100 * running threads. See hat_switch() and reload_pae32() for details.
100 101 *
101 102 * vlp_page[0..3] - level==2 PTEs for kernel HAT
102 103 * vlp_page[4..7] - level==2 PTEs for user thread on cpu 0
103 104 * vlp_page[8..11] - level==2 PTE for user thread on cpu 1
104 105 * etc...
105 106 */
106 107 static x86pte_t *vlp_page;
107 108
108 109 /*
109 110 * forward declaration of internal utility routines
110 111 */
111 112 static x86pte_t hati_update_pte(htable_t *ht, uint_t entry, x86pte_t expected,
112 113 x86pte_t new);
113 114
114 115 /*
115 116 * The kernel address space exists in all HATs. To implement this the
116 117 * kernel reserves a fixed number of entries in the topmost level(s) of page
117 118 * tables. The values are setup during startup and then copied to every user
118 119 * hat created by hat_alloc(). This means that kernelbase must be:
119 120 *
120 121 * 4Meg aligned for 32 bit kernels
121 122 * 512Gig aligned for x86_64 64 bit kernel
122 123 *
123 124 * The hat_kernel_range_ts describe what needs to be copied from kernel hat
124 125 * to each user hat.
125 126 */
126 127 typedef struct hat_kernel_range {
127 128 level_t hkr_level;
128 129 uintptr_t hkr_start_va;
129 130 uintptr_t hkr_end_va; /* zero means to end of memory */
130 131 } hat_kernel_range_t;
131 132 #define NUM_KERNEL_RANGE 2
132 133 static hat_kernel_range_t kernel_ranges[NUM_KERNEL_RANGE];
133 134 static int num_kernel_ranges;
134 135
135 136 uint_t use_boot_reserve = 1; /* cleared after early boot process */
136 137 uint_t can_steal_post_boot = 0; /* set late in boot to enable stealing */
137 138
138 139 /*
139 140 * enable_1gpg: controls 1g page support for user applications.
140 141 * By default, 1g pages are exported to user applications. enable_1gpg can
141 142 * be set to 0 to not export.
142 143 */
143 144 int enable_1gpg = 1;
144 145
145 146 /*
146 147 * AMD shanghai processors provide better management of 1gb ptes in its tlb.
147 148 * By default, 1g page support will be disabled for pre-shanghai AMD
148 149 * processors that don't have optimal tlb support for the 1g page size.
149 150 * chk_optimal_1gtlb can be set to 0 to force 1g page support on sub-optimal
150 151 * processors.
151 152 */
152 153 int chk_optimal_1gtlb = 1;
153 154
154 155
155 156 #ifdef DEBUG
156 157 uint_t map1gcnt;
157 158 #endif
158 159
159 160
160 161 /*
161 162 * A cpuset for all cpus. This is used for kernel address cross calls, since
162 163 * the kernel addresses apply to all cpus.
163 164 */
164 165 cpuset_t khat_cpuset;
165 166
166 167 /*
167 168 * management stuff for hat structures
168 169 */
169 170 kmutex_t hat_list_lock;
170 171 kcondvar_t hat_list_cv;
171 172 kmem_cache_t *hat_cache;
172 173 kmem_cache_t *hat_hash_cache;
173 174 kmem_cache_t *vlp_hash_cache;
174 175
175 176 /*
176 177 * Simple statistics
177 178 */
178 179 struct hatstats hatstat;
179 180
180 181 /*
181 182 * Some earlier hypervisor versions do not emulate cmpxchg of PTEs
182 183 * correctly. For such hypervisors we must set PT_USER for kernel
183 184 * entries ourselves (normally the emulation would set PT_USER for
184 185 * kernel entries and PT_USER|PT_GLOBAL for user entries). pt_kern is
185 186 * thus set appropriately. Note that dboot/kbm is OK, as only the full
186 187 * HAT uses cmpxchg() and the other paths (hypercall etc.) were never
187 188 * incorrect.
188 189 */
189 190 int pt_kern;
190 191
191 192 /*
192 193 * useful stuff for atomic access/clearing/setting REF/MOD/RO bits in page_t's.
193 194 */
194 195 extern void atomic_orb(uchar_t *addr, uchar_t val);
195 196 extern void atomic_andb(uchar_t *addr, uchar_t val);
196 197
197 198 #ifndef __xpv
198 199 extern pfn_t memseg_get_start(struct memseg *);
199 200 #endif
200 201
201 202 #define PP_GETRM(pp, rmmask) (pp->p_nrm & rmmask)
202 203 #define PP_ISMOD(pp) PP_GETRM(pp, P_MOD)
203 204 #define PP_ISREF(pp) PP_GETRM(pp, P_REF)
204 205 #define PP_ISRO(pp) PP_GETRM(pp, P_RO)
205 206
206 207 #define PP_SETRM(pp, rm) atomic_orb(&(pp->p_nrm), rm)
207 208 #define PP_SETMOD(pp) PP_SETRM(pp, P_MOD)
208 209 #define PP_SETREF(pp) PP_SETRM(pp, P_REF)
209 210 #define PP_SETRO(pp) PP_SETRM(pp, P_RO)
210 211
211 212 #define PP_CLRRM(pp, rm) atomic_andb(&(pp->p_nrm), ~(rm))
212 213 #define PP_CLRMOD(pp) PP_CLRRM(pp, P_MOD)
213 214 #define PP_CLRREF(pp) PP_CLRRM(pp, P_REF)
214 215 #define PP_CLRRO(pp) PP_CLRRM(pp, P_RO)
215 216 #define PP_CLRALL(pp) PP_CLRRM(pp, P_MOD | P_REF | P_RO)
216 217
217 218 /*
218 219 * kmem cache constructor for struct hat
219 220 */
220 221 /*ARGSUSED*/
221 222 static int
222 223 hati_constructor(void *buf, void *handle, int kmflags)
223 224 {
224 225 hat_t *hat = buf;
225 226
226 227 mutex_init(&hat->hat_mutex, NULL, MUTEX_DEFAULT, NULL);
227 228 bzero(hat->hat_pages_mapped,
228 229 sizeof (pgcnt_t) * (mmu.max_page_level + 1));
229 230 hat->hat_ism_pgcnt = 0;
230 231 hat->hat_stats = 0;
231 232 hat->hat_flags = 0;
232 233 CPUSET_ZERO(hat->hat_cpus);
233 234 hat->hat_htable = NULL;
234 235 hat->hat_ht_hash = NULL;
235 236 return (0);
236 237 }
237 238
238 239 /*
239 240 * Allocate a hat structure for as. We also create the top level
240 241 * htable and initialize it to contain the kernel hat entries.
241 242 */
242 243 hat_t *
243 244 hat_alloc(struct as *as)
244 245 {
245 246 hat_t *hat;
246 247 htable_t *ht; /* top level htable */
247 248 uint_t use_vlp;
248 249 uint_t r;
249 250 hat_kernel_range_t *rp;
250 251 uintptr_t va;
251 252 uintptr_t eva;
252 253 uint_t start;
253 254 uint_t cnt;
254 255 htable_t *src;
255 256
256 257 /*
257 258 * Once we start creating user process HATs we can enable
|
↓ open down ↓ |
218 lines elided |
↑ open up ↑ |
258 259 * the htable_steal() code.
259 260 */
260 261 if (can_steal_post_boot == 0)
261 262 can_steal_post_boot = 1;
262 263
263 264 ASSERT(AS_WRITE_HELD(as));
264 265 hat = kmem_cache_alloc(hat_cache, KM_SLEEP);
265 266 hat->hat_as = as;
266 267 mutex_init(&hat->hat_mutex, NULL, MUTEX_DEFAULT, NULL);
267 268 ASSERT(hat->hat_flags == 0);
269 + hat->hat_unmaps = 0;
268 270
269 271 #if defined(__xpv)
270 272 /*
271 273 * No VLP stuff on the hypervisor due to the 64-bit split top level
272 274 * page tables. On 32-bit it's not needed as the hypervisor takes
273 275 * care of copying the top level PTEs to a below 4Gig page.
274 276 */
275 277 use_vlp = 0;
276 278 #else /* __xpv */
277 279 /* 32 bit processes uses a VLP style hat when running with PAE */
278 280 #if defined(__amd64)
279 281 use_vlp = (ttoproc(curthread)->p_model == DATAMODEL_ILP32);
280 282 #elif defined(__i386)
281 283 use_vlp = mmu.pae_hat;
282 284 #endif
283 285 #endif /* __xpv */
284 286 if (use_vlp) {
285 287 hat->hat_flags = HAT_VLP;
286 288 bzero(hat->hat_vlp_ptes, VLP_SIZE);
287 289 }
288 290
289 291 /*
290 292 * Allocate the htable hash
291 293 */
292 294 if ((hat->hat_flags & HAT_VLP)) {
293 295 hat->hat_num_hash = mmu.vlp_hash_cnt;
294 296 hat->hat_ht_hash = kmem_cache_alloc(vlp_hash_cache, KM_SLEEP);
295 297 } else {
296 298 hat->hat_num_hash = mmu.hash_cnt;
297 299 hat->hat_ht_hash = kmem_cache_alloc(hat_hash_cache, KM_SLEEP);
298 300 }
299 301 bzero(hat->hat_ht_hash, hat->hat_num_hash * sizeof (htable_t *));
300 302
301 303 /*
302 304 * Initialize Kernel HAT entries at the top of the top level page
303 305 * tables for the new hat.
304 306 */
305 307 hat->hat_htable = NULL;
306 308 hat->hat_ht_cached = NULL;
307 309 XPV_DISALLOW_MIGRATE();
308 310 ht = htable_create(hat, (uintptr_t)0, TOP_LEVEL(hat), NULL);
309 311 hat->hat_htable = ht;
310 312
311 313 #if defined(__amd64)
312 314 if (hat->hat_flags & HAT_VLP)
313 315 goto init_done;
314 316 #endif
315 317
316 318 for (r = 0; r < num_kernel_ranges; ++r) {
317 319 rp = &kernel_ranges[r];
318 320 for (va = rp->hkr_start_va; va != rp->hkr_end_va;
319 321 va += cnt * LEVEL_SIZE(rp->hkr_level)) {
320 322
321 323 if (rp->hkr_level == TOP_LEVEL(hat))
322 324 ht = hat->hat_htable;
323 325 else
324 326 ht = htable_create(hat, va, rp->hkr_level,
325 327 NULL);
326 328
327 329 start = htable_va2entry(va, ht);
328 330 cnt = HTABLE_NUM_PTES(ht) - start;
329 331 eva = va +
330 332 ((uintptr_t)cnt << LEVEL_SHIFT(rp->hkr_level));
331 333 if (rp->hkr_end_va != 0 &&
332 334 (eva > rp->hkr_end_va || eva == 0))
333 335 cnt = htable_va2entry(rp->hkr_end_va, ht) -
334 336 start;
335 337
336 338 #if defined(__i386) && !defined(__xpv)
337 339 if (ht->ht_flags & HTABLE_VLP) {
338 340 bcopy(&vlp_page[start],
339 341 &hat->hat_vlp_ptes[start],
340 342 cnt * sizeof (x86pte_t));
341 343 continue;
342 344 }
343 345 #endif
344 346 src = htable_lookup(kas.a_hat, va, rp->hkr_level);
345 347 ASSERT(src != NULL);
346 348 x86pte_copy(src, ht, start, cnt);
347 349 htable_release(src);
348 350 }
349 351 }
350 352
351 353 init_done:
352 354
353 355 #if defined(__xpv)
354 356 /*
355 357 * Pin top level page tables after initializing them
356 358 */
357 359 xen_pin(hat->hat_htable->ht_pfn, mmu.max_level);
358 360 #if defined(__amd64)
359 361 xen_pin(hat->hat_user_ptable, mmu.max_level);
360 362 #endif
361 363 #endif
362 364 XPV_ALLOW_MIGRATE();
363 365
364 366 /*
365 367 * Put it at the start of the global list of all hats (used by stealing)
366 368 *
367 369 * kas.a_hat is not in the list but is instead used to find the
368 370 * first and last items in the list.
369 371 *
370 372 * - kas.a_hat->hat_next points to the start of the user hats.
371 373 * The list ends where hat->hat_next == NULL
372 374 *
373 375 * - kas.a_hat->hat_prev points to the last of the user hats.
374 376 * The list begins where hat->hat_prev == NULL
375 377 */
376 378 mutex_enter(&hat_list_lock);
377 379 hat->hat_prev = NULL;
378 380 hat->hat_next = kas.a_hat->hat_next;
379 381 if (hat->hat_next)
380 382 hat->hat_next->hat_prev = hat;
381 383 else
382 384 kas.a_hat->hat_prev = hat;
383 385 kas.a_hat->hat_next = hat;
384 386 mutex_exit(&hat_list_lock);
385 387
386 388 return (hat);
387 389 }
388 390
389 391 /*
390 392 * process has finished executing but as has not been cleaned up yet.
391 393 */
392 394 /*ARGSUSED*/
393 395 void
|
↓ open down ↓ |
116 lines elided |
↑ open up ↑ |
394 396 hat_free_start(hat_t *hat)
395 397 {
396 398 ASSERT(AS_WRITE_HELD(hat->hat_as));
397 399
398 400 /*
399 401 * If the hat is currently a stealing victim, wait for the stealing
400 402 * to finish. Once we mark it as HAT_FREEING, htable_steal()
401 403 * won't look at its pagetables anymore.
402 404 */
403 405 mutex_enter(&hat_list_lock);
404 - while (hat->hat_flags & HAT_VICTIM)
406 + while ((hat->hat_flags & HAT_VICTIM) || (hat->hat_unmaps > 0))
405 407 cv_wait(&hat_list_cv, &hat_list_lock);
406 408 hat->hat_flags |= HAT_FREEING;
407 409 mutex_exit(&hat_list_lock);
408 410 }
409 411
410 412 /*
411 413 * An address space is being destroyed, so we destroy the associated hat.
412 414 */
413 415 void
414 416 hat_free_end(hat_t *hat)
415 417 {
416 418 kmem_cache_t *cache;
417 419
418 420 ASSERT(hat->hat_flags & HAT_FREEING);
419 421
420 422 /*
421 423 * must not be running on the given hat
422 424 */
423 425 ASSERT(CPU->cpu_current_hat != hat);
424 426
425 427 /*
426 428 * Remove it from the list of HATs
427 429 */
428 430 mutex_enter(&hat_list_lock);
429 431 if (hat->hat_prev)
430 432 hat->hat_prev->hat_next = hat->hat_next;
431 433 else
432 434 kas.a_hat->hat_next = hat->hat_next;
433 435 if (hat->hat_next)
434 436 hat->hat_next->hat_prev = hat->hat_prev;
435 437 else
436 438 kas.a_hat->hat_prev = hat->hat_prev;
437 439 mutex_exit(&hat_list_lock);
438 440 hat->hat_next = hat->hat_prev = NULL;
439 441
440 442 #if defined(__xpv)
441 443 /*
442 444 * On the hypervisor, unpin top level page table(s)
443 445 */
444 446 xen_unpin(hat->hat_htable->ht_pfn);
445 447 #if defined(__amd64)
446 448 xen_unpin(hat->hat_user_ptable);
447 449 #endif
448 450 #endif
449 451
450 452 /*
451 453 * Make a pass through the htables freeing them all up.
452 454 */
453 455 htable_purge_hat(hat);
454 456
455 457 /*
456 458 * Decide which kmem cache the hash table came from, then free it.
457 459 */
458 460 if (hat->hat_flags & HAT_VLP)
459 461 cache = vlp_hash_cache;
460 462 else
461 463 cache = hat_hash_cache;
462 464 kmem_cache_free(cache, hat->hat_ht_hash);
463 465 hat->hat_ht_hash = NULL;
464 466
465 467 hat->hat_flags = 0;
466 468 kmem_cache_free(hat_cache, hat);
467 469 }
468 470
469 471 /*
470 472 * round kernelbase down to a supported value to use for _userlimit
471 473 *
472 474 * userlimit must be aligned down to an entry in the top level htable.
473 475 * The one exception is for 32 bit HAT's running PAE.
474 476 */
475 477 uintptr_t
476 478 hat_kernelbase(uintptr_t va)
477 479 {
478 480 #if defined(__i386)
479 481 va &= LEVEL_MASK(1);
480 482 #endif
481 483 if (IN_VA_HOLE(va))
482 484 panic("_userlimit %p will fall in VA hole\n", (void *)va);
483 485 return (va);
484 486 }
485 487
486 488 /*
487 489 *
488 490 */
489 491 static void
490 492 set_max_page_level()
491 493 {
492 494 level_t lvl;
493 495
494 496 if (!kbm_largepage_support) {
495 497 lvl = 0;
496 498 } else {
497 499 if (is_x86_feature(x86_featureset, X86FSET_1GPG)) {
498 500 lvl = 2;
499 501 if (chk_optimal_1gtlb &&
500 502 cpuid_opteron_erratum(CPU, 6671130)) {
501 503 lvl = 1;
502 504 }
503 505 if (plat_mnode_xcheck(LEVEL_SIZE(2) >>
504 506 LEVEL_SHIFT(0))) {
505 507 lvl = 1;
506 508 }
507 509 } else {
508 510 lvl = 1;
509 511 }
510 512 }
511 513 mmu.max_page_level = lvl;
512 514
513 515 if ((lvl == 2) && (enable_1gpg == 0))
514 516 mmu.umax_page_level = 1;
515 517 else
516 518 mmu.umax_page_level = lvl;
517 519 }
518 520
519 521 /*
520 522 * Initialize hat data structures based on processor MMU information.
521 523 */
522 524 void
523 525 mmu_init(void)
524 526 {
525 527 uint_t max_htables;
526 528 uint_t pa_bits;
527 529 uint_t va_bits;
528 530 int i;
529 531
530 532 /*
531 533 * If CPU enabled the page table global bit, use it for the kernel
532 534 * This is bit 7 in CR4 (PGE - Page Global Enable).
533 535 */
534 536 if (is_x86_feature(x86_featureset, X86FSET_PGE) &&
535 537 (getcr4() & CR4_PGE) != 0)
536 538 mmu.pt_global = PT_GLOBAL;
537 539
538 540 /*
539 541 * Detect NX and PAE usage.
540 542 */
541 543 mmu.pae_hat = kbm_pae_support;
542 544 if (kbm_nx_support)
543 545 mmu.pt_nx = PT_NX;
544 546 else
545 547 mmu.pt_nx = 0;
546 548
547 549 /*
548 550 * Use CPU info to set various MMU parameters
549 551 */
550 552 cpuid_get_addrsize(CPU, &pa_bits, &va_bits);
551 553
552 554 if (va_bits < sizeof (void *) * NBBY) {
553 555 mmu.hole_start = (1ul << (va_bits - 1));
554 556 mmu.hole_end = 0ul - mmu.hole_start - 1;
555 557 } else {
556 558 mmu.hole_end = 0;
557 559 mmu.hole_start = mmu.hole_end - 1;
558 560 }
559 561 #if defined(OPTERON_ERRATUM_121)
560 562 /*
561 563 * If erratum 121 has already been detected at this time, hole_start
562 564 * contains the value to be subtracted from mmu.hole_start.
563 565 */
564 566 ASSERT(hole_start == 0 || opteron_erratum_121 != 0);
565 567 hole_start = mmu.hole_start - hole_start;
566 568 #else
567 569 hole_start = mmu.hole_start;
568 570 #endif
569 571 hole_end = mmu.hole_end;
570 572
571 573 mmu.highest_pfn = mmu_btop((1ull << pa_bits) - 1);
572 574 if (mmu.pae_hat == 0 && pa_bits > 32)
573 575 mmu.highest_pfn = PFN_4G - 1;
574 576
575 577 if (mmu.pae_hat) {
576 578 mmu.pte_size = 8; /* 8 byte PTEs */
577 579 mmu.pte_size_shift = 3;
578 580 } else {
579 581 mmu.pte_size = 4; /* 4 byte PTEs */
580 582 mmu.pte_size_shift = 2;
581 583 }
582 584
583 585 if (mmu.pae_hat && !is_x86_feature(x86_featureset, X86FSET_PAE))
584 586 panic("Processor does not support PAE");
585 587
586 588 if (!is_x86_feature(x86_featureset, X86FSET_CX8))
587 589 panic("Processor does not support cmpxchg8b instruction");
588 590
589 591 #if defined(__amd64)
590 592
591 593 mmu.num_level = 4;
592 594 mmu.max_level = 3;
593 595 mmu.ptes_per_table = 512;
594 596 mmu.top_level_count = 512;
595 597
596 598 mmu.level_shift[0] = 12;
597 599 mmu.level_shift[1] = 21;
598 600 mmu.level_shift[2] = 30;
599 601 mmu.level_shift[3] = 39;
600 602
601 603 #elif defined(__i386)
602 604
603 605 if (mmu.pae_hat) {
604 606 mmu.num_level = 3;
605 607 mmu.max_level = 2;
606 608 mmu.ptes_per_table = 512;
607 609 mmu.top_level_count = 4;
608 610
609 611 mmu.level_shift[0] = 12;
610 612 mmu.level_shift[1] = 21;
611 613 mmu.level_shift[2] = 30;
612 614
613 615 } else {
614 616 mmu.num_level = 2;
615 617 mmu.max_level = 1;
616 618 mmu.ptes_per_table = 1024;
617 619 mmu.top_level_count = 1024;
618 620
619 621 mmu.level_shift[0] = 12;
620 622 mmu.level_shift[1] = 22;
621 623 }
622 624
623 625 #endif /* __i386 */
624 626
625 627 for (i = 0; i < mmu.num_level; ++i) {
626 628 mmu.level_size[i] = 1UL << mmu.level_shift[i];
627 629 mmu.level_offset[i] = mmu.level_size[i] - 1;
628 630 mmu.level_mask[i] = ~mmu.level_offset[i];
629 631 }
630 632
631 633 set_max_page_level();
632 634
633 635 mmu_page_sizes = mmu.max_page_level + 1;
634 636 mmu_exported_page_sizes = mmu.umax_page_level + 1;
635 637
636 638 /* restrict legacy applications from using pagesizes 1g and above */
637 639 mmu_legacy_page_sizes =
638 640 (mmu_exported_page_sizes > 2) ? 2 : mmu_exported_page_sizes;
639 641
640 642
641 643 for (i = 0; i <= mmu.max_page_level; ++i) {
642 644 mmu.pte_bits[i] = PT_VALID | pt_kern;
643 645 if (i > 0)
644 646 mmu.pte_bits[i] |= PT_PAGESIZE;
645 647 }
646 648
647 649 /*
648 650 * NOTE Legacy 32 bit PAE mode only has the P_VALID bit at top level.
649 651 */
650 652 for (i = 1; i < mmu.num_level; ++i)
651 653 mmu.ptp_bits[i] = PT_PTPBITS;
652 654
653 655 #if defined(__i386)
654 656 mmu.ptp_bits[2] = PT_VALID;
655 657 #endif
656 658
657 659 /*
658 660 * Compute how many hash table entries to have per process for htables.
659 661 * We start with 1 page's worth of entries.
660 662 *
661 663 * If physical memory is small, reduce the amount need to cover it.
662 664 */
663 665 max_htables = physmax / mmu.ptes_per_table;
664 666 mmu.hash_cnt = MMU_PAGESIZE / sizeof (htable_t *);
665 667 while (mmu.hash_cnt > 16 && mmu.hash_cnt >= max_htables)
666 668 mmu.hash_cnt >>= 1;
667 669 mmu.vlp_hash_cnt = mmu.hash_cnt;
668 670
669 671 #if defined(__amd64)
670 672 /*
671 673 * If running in 64 bits and physical memory is large,
672 674 * increase the size of the cache to cover all of memory for
673 675 * a 64 bit process.
674 676 */
675 677 #define HASH_MAX_LENGTH 4
676 678 while (mmu.hash_cnt * HASH_MAX_LENGTH < max_htables)
677 679 mmu.hash_cnt <<= 1;
678 680 #endif
679 681 }
680 682
681 683
682 684 /*
683 685 * initialize hat data structures
684 686 */
685 687 void
686 688 hat_init()
687 689 {
688 690 #if defined(__i386)
689 691 /*
690 692 * _userlimit must be aligned correctly
691 693 */
692 694 if ((_userlimit & LEVEL_MASK(1)) != _userlimit) {
693 695 prom_printf("hat_init(): _userlimit=%p, not aligned at %p\n",
694 696 (void *)_userlimit, (void *)LEVEL_SIZE(1));
695 697 halt("hat_init(): Unable to continue");
696 698 }
697 699 #endif
698 700
699 701 cv_init(&hat_list_cv, NULL, CV_DEFAULT, NULL);
700 702
701 703 /*
702 704 * initialize kmem caches
703 705 */
704 706 htable_init();
705 707 hment_init();
706 708
707 709 hat_cache = kmem_cache_create("hat_t",
708 710 sizeof (hat_t), 0, hati_constructor, NULL, NULL,
709 711 NULL, 0, 0);
710 712
711 713 hat_hash_cache = kmem_cache_create("HatHash",
712 714 mmu.hash_cnt * sizeof (htable_t *), 0, NULL, NULL, NULL,
713 715 NULL, 0, 0);
714 716
715 717 /*
716 718 * VLP hats can use a smaller hash table size on large memroy machines
717 719 */
718 720 if (mmu.hash_cnt == mmu.vlp_hash_cnt) {
719 721 vlp_hash_cache = hat_hash_cache;
720 722 } else {
721 723 vlp_hash_cache = kmem_cache_create("HatVlpHash",
722 724 mmu.vlp_hash_cnt * sizeof (htable_t *), 0, NULL, NULL, NULL,
723 725 NULL, 0, 0);
724 726 }
725 727
726 728 /*
727 729 * Set up the kernel's hat
728 730 */
729 731 AS_LOCK_ENTER(&kas, RW_WRITER);
730 732 kas.a_hat = kmem_cache_alloc(hat_cache, KM_NOSLEEP);
731 733 mutex_init(&kas.a_hat->hat_mutex, NULL, MUTEX_DEFAULT, NULL);
732 734 kas.a_hat->hat_as = &kas;
733 735 kas.a_hat->hat_flags = 0;
734 736 AS_LOCK_EXIT(&kas);
735 737
736 738 CPUSET_ZERO(khat_cpuset);
737 739 CPUSET_ADD(khat_cpuset, CPU->cpu_id);
738 740
739 741 /*
740 742 * The kernel hat's next pointer serves as the head of the hat list .
741 743 * The kernel hat's prev pointer tracks the last hat on the list for
742 744 * htable_steal() to use.
743 745 */
744 746 kas.a_hat->hat_next = NULL;
745 747 kas.a_hat->hat_prev = NULL;
746 748
747 749 /*
748 750 * Allocate an htable hash bucket for the kernel
749 751 * XX64 - tune for 64 bit procs
750 752 */
751 753 kas.a_hat->hat_num_hash = mmu.hash_cnt;
752 754 kas.a_hat->hat_ht_hash = kmem_cache_alloc(hat_hash_cache, KM_NOSLEEP);
753 755 bzero(kas.a_hat->hat_ht_hash, mmu.hash_cnt * sizeof (htable_t *));
754 756
755 757 /*
756 758 * zero out the top level and cached htable pointers
757 759 */
758 760 kas.a_hat->hat_ht_cached = NULL;
759 761 kas.a_hat->hat_htable = NULL;
760 762
761 763 /*
762 764 * Pre-allocate hrm_hashtab before enabling the collection of
763 765 * refmod statistics. Allocating on the fly would mean us
764 766 * running the risk of suffering recursive mutex enters or
765 767 * deadlocks.
766 768 */
767 769 hrm_hashtab = kmem_zalloc(HRM_HASHSIZE * sizeof (struct hrmstat *),
768 770 KM_SLEEP);
769 771 }
770 772
771 773 /*
772 774 * Prepare CPU specific pagetables for VLP processes on 64 bit kernels.
773 775 *
774 776 * Each CPU has a set of 2 pagetables that are reused for any 32 bit
775 777 * process it runs. They are the top level pagetable, hci_vlp_l3ptes, and
776 778 * the next to top level table for the bottom 512 Gig, hci_vlp_l2ptes.
777 779 */
778 780 /*ARGSUSED*/
779 781 static void
780 782 hat_vlp_setup(struct cpu *cpu)
781 783 {
782 784 #if defined(__amd64) && !defined(__xpv)
783 785 struct hat_cpu_info *hci = cpu->cpu_hat_info;
784 786 pfn_t pfn;
785 787
786 788 /*
787 789 * allocate the level==2 page table for the bottom most
788 790 * 512Gig of address space (this is where 32 bit apps live)
789 791 */
790 792 ASSERT(hci != NULL);
791 793 hci->hci_vlp_l2ptes = kmem_zalloc(MMU_PAGESIZE, KM_SLEEP);
792 794
793 795 /*
794 796 * Allocate a top level pagetable and copy the kernel's
795 797 * entries into it. Then link in hci_vlp_l2ptes in the 1st entry.
796 798 */
797 799 hci->hci_vlp_l3ptes = kmem_zalloc(MMU_PAGESIZE, KM_SLEEP);
798 800 hci->hci_vlp_pfn =
799 801 hat_getpfnum(kas.a_hat, (caddr_t)hci->hci_vlp_l3ptes);
800 802 ASSERT(hci->hci_vlp_pfn != PFN_INVALID);
801 803 bcopy(vlp_page, hci->hci_vlp_l3ptes, MMU_PAGESIZE);
802 804
803 805 pfn = hat_getpfnum(kas.a_hat, (caddr_t)hci->hci_vlp_l2ptes);
804 806 ASSERT(pfn != PFN_INVALID);
805 807 hci->hci_vlp_l3ptes[0] = MAKEPTP(pfn, 2);
806 808 #endif /* __amd64 && !__xpv */
807 809 }
808 810
809 811 /*ARGSUSED*/
810 812 static void
811 813 hat_vlp_teardown(cpu_t *cpu)
812 814 {
813 815 #if defined(__amd64) && !defined(__xpv)
814 816 struct hat_cpu_info *hci;
815 817
816 818 if ((hci = cpu->cpu_hat_info) == NULL)
817 819 return;
818 820 if (hci->hci_vlp_l2ptes)
819 821 kmem_free(hci->hci_vlp_l2ptes, MMU_PAGESIZE);
820 822 if (hci->hci_vlp_l3ptes)
821 823 kmem_free(hci->hci_vlp_l3ptes, MMU_PAGESIZE);
822 824 #endif
823 825 }
824 826
825 827 #define NEXT_HKR(r, l, s, e) { \
826 828 kernel_ranges[r].hkr_level = l; \
827 829 kernel_ranges[r].hkr_start_va = s; \
828 830 kernel_ranges[r].hkr_end_va = e; \
829 831 ++r; \
830 832 }
831 833
832 834 /*
833 835 * Finish filling in the kernel hat.
834 836 * Pre fill in all top level kernel page table entries for the kernel's
835 837 * part of the address range. From this point on we can't use any new
836 838 * kernel large pages if they need PTE's at max_level
837 839 *
838 840 * create the kmap mappings.
839 841 */
840 842 void
841 843 hat_init_finish(void)
842 844 {
843 845 size_t size;
844 846 uint_t r = 0;
845 847 uintptr_t va;
846 848 hat_kernel_range_t *rp;
847 849
848 850
849 851 /*
850 852 * We are now effectively running on the kernel hat.
851 853 * Clearing use_boot_reserve shuts off using the pre-allocated boot
852 854 * reserve for all HAT allocations. From here on, the reserves are
853 855 * only used when avoiding recursion in kmem_alloc().
854 856 */
855 857 use_boot_reserve = 0;
856 858 htable_adjust_reserve();
857 859
858 860 /*
859 861 * User HATs are initialized with copies of all kernel mappings in
860 862 * higher level page tables. Ensure that those entries exist.
861 863 */
862 864 #if defined(__amd64)
863 865
864 866 NEXT_HKR(r, 3, kernelbase, 0);
865 867 #if defined(__xpv)
866 868 NEXT_HKR(r, 3, HYPERVISOR_VIRT_START, HYPERVISOR_VIRT_END);
867 869 #endif
868 870
869 871 #elif defined(__i386)
870 872
871 873 #if !defined(__xpv)
872 874 if (mmu.pae_hat) {
873 875 va = kernelbase;
874 876 if ((va & LEVEL_MASK(2)) != va) {
875 877 va = P2ROUNDUP(va, LEVEL_SIZE(2));
876 878 NEXT_HKR(r, 1, kernelbase, va);
877 879 }
878 880 if (va != 0)
879 881 NEXT_HKR(r, 2, va, 0);
880 882 } else
881 883 #endif /* __xpv */
882 884 NEXT_HKR(r, 1, kernelbase, 0);
883 885
884 886 #endif /* __i386 */
885 887
886 888 num_kernel_ranges = r;
887 889
888 890 /*
889 891 * Create all the kernel pagetables that will have entries
890 892 * shared to user HATs.
891 893 */
892 894 for (r = 0; r < num_kernel_ranges; ++r) {
893 895 rp = &kernel_ranges[r];
894 896 for (va = rp->hkr_start_va; va != rp->hkr_end_va;
895 897 va += LEVEL_SIZE(rp->hkr_level)) {
896 898 htable_t *ht;
897 899
898 900 if (IN_HYPERVISOR_VA(va))
899 901 continue;
900 902
901 903 /* can/must skip if a page mapping already exists */
902 904 if (rp->hkr_level <= mmu.max_page_level &&
903 905 (ht = htable_getpage(kas.a_hat, va, NULL)) !=
904 906 NULL) {
905 907 htable_release(ht);
906 908 continue;
907 909 }
908 910
909 911 (void) htable_create(kas.a_hat, va, rp->hkr_level - 1,
910 912 NULL);
911 913 }
912 914 }
913 915
914 916 /*
915 917 * 32 bit PAE metal kernels use only 4 of the 512 entries in the
916 918 * page holding the top level pagetable. We use the remainder for
917 919 * the "per CPU" page tables for VLP processes.
918 920 * Map the top level kernel pagetable into the kernel to make
919 921 * it easy to use bcopy access these tables.
920 922 */
921 923 if (mmu.pae_hat) {
922 924 vlp_page = vmem_alloc(heap_arena, MMU_PAGESIZE, VM_SLEEP);
923 925 hat_devload(kas.a_hat, (caddr_t)vlp_page, MMU_PAGESIZE,
924 926 kas.a_hat->hat_htable->ht_pfn,
925 927 #if !defined(__xpv)
926 928 PROT_WRITE |
927 929 #endif
928 930 PROT_READ | HAT_NOSYNC | HAT_UNORDERED_OK,
929 931 HAT_LOAD | HAT_LOAD_NOCONSIST);
930 932 }
931 933 hat_vlp_setup(CPU);
932 934
933 935 /*
934 936 * Create kmap (cached mappings of kernel PTEs)
935 937 * for 32 bit we map from segmap_start .. ekernelheap
936 938 * for 64 bit we map from segmap_start .. segmap_start + segmapsize;
937 939 */
938 940 #if defined(__i386)
939 941 size = (uintptr_t)ekernelheap - segmap_start;
940 942 #elif defined(__amd64)
941 943 size = segmapsize;
942 944 #endif
943 945 hat_kmap_init((uintptr_t)segmap_start, size);
944 946 }
945 947
946 948 /*
947 949 * On 32 bit PAE mode, PTE's are 64 bits, but ordinary atomic memory references
948 950 * are 32 bit, so for safety we must use atomic_cas_64() to install these.
949 951 */
950 952 #ifdef __i386
951 953 static void
952 954 reload_pae32(hat_t *hat, cpu_t *cpu)
953 955 {
954 956 x86pte_t *src;
955 957 x86pte_t *dest;
956 958 x86pte_t pte;
957 959 int i;
958 960
959 961 /*
960 962 * Load the 4 entries of the level 2 page table into this
961 963 * cpu's range of the vlp_page and point cr3 at them.
962 964 */
963 965 ASSERT(mmu.pae_hat);
964 966 src = hat->hat_vlp_ptes;
965 967 dest = vlp_page + (cpu->cpu_id + 1) * VLP_NUM_PTES;
966 968 for (i = 0; i < VLP_NUM_PTES; ++i) {
967 969 for (;;) {
968 970 pte = dest[i];
969 971 if (pte == src[i])
970 972 break;
971 973 if (atomic_cas_64(dest + i, pte, src[i]) != src[i])
972 974 break;
973 975 }
974 976 }
975 977 }
976 978 #endif
977 979
978 980 /*
979 981 * Switch to a new active hat, maintaining bit masks to track active CPUs.
980 982 *
981 983 * On the 32-bit PAE hypervisor, %cr3 is a 64-bit value, on metal it
982 984 * remains a 32-bit value.
983 985 */
984 986 void
985 987 hat_switch(hat_t *hat)
986 988 {
987 989 uint64_t newcr3;
988 990 cpu_t *cpu = CPU;
989 991 hat_t *old = cpu->cpu_current_hat;
990 992
991 993 /*
992 994 * set up this information first, so we don't miss any cross calls
993 995 */
994 996 if (old != NULL) {
995 997 if (old == hat)
996 998 return;
997 999 if (old != kas.a_hat)
998 1000 CPUSET_ATOMIC_DEL(old->hat_cpus, cpu->cpu_id);
999 1001 }
1000 1002
1001 1003 /*
1002 1004 * Add this CPU to the active set for this HAT.
1003 1005 */
1004 1006 if (hat != kas.a_hat) {
1005 1007 CPUSET_ATOMIC_ADD(hat->hat_cpus, cpu->cpu_id);
1006 1008 }
1007 1009 cpu->cpu_current_hat = hat;
1008 1010
1009 1011 /*
1010 1012 * now go ahead and load cr3
1011 1013 */
1012 1014 if (hat->hat_flags & HAT_VLP) {
1013 1015 #if defined(__amd64)
1014 1016 x86pte_t *vlpptep = cpu->cpu_hat_info->hci_vlp_l2ptes;
1015 1017
1016 1018 VLP_COPY(hat->hat_vlp_ptes, vlpptep);
1017 1019 newcr3 = MAKECR3(cpu->cpu_hat_info->hci_vlp_pfn);
1018 1020 #elif defined(__i386)
1019 1021 reload_pae32(hat, cpu);
1020 1022 newcr3 = MAKECR3(kas.a_hat->hat_htable->ht_pfn) +
1021 1023 (cpu->cpu_id + 1) * VLP_SIZE;
1022 1024 #endif
1023 1025 } else {
1024 1026 newcr3 = MAKECR3((uint64_t)hat->hat_htable->ht_pfn);
1025 1027 }
1026 1028 #ifdef __xpv
1027 1029 {
1028 1030 struct mmuext_op t[2];
1029 1031 uint_t retcnt;
1030 1032 uint_t opcnt = 1;
1031 1033
1032 1034 t[0].cmd = MMUEXT_NEW_BASEPTR;
1033 1035 t[0].arg1.mfn = mmu_btop(pa_to_ma(newcr3));
1034 1036 #if defined(__amd64)
1035 1037 /*
1036 1038 * There's an interesting problem here, as to what to
1037 1039 * actually specify when switching to the kernel hat.
1038 1040 * For now we'll reuse the kernel hat again.
1039 1041 */
1040 1042 t[1].cmd = MMUEXT_NEW_USER_BASEPTR;
1041 1043 if (hat == kas.a_hat)
1042 1044 t[1].arg1.mfn = mmu_btop(pa_to_ma(newcr3));
1043 1045 else
1044 1046 t[1].arg1.mfn = pfn_to_mfn(hat->hat_user_ptable);
1045 1047 ++opcnt;
1046 1048 #endif /* __amd64 */
1047 1049 if (HYPERVISOR_mmuext_op(t, opcnt, &retcnt, DOMID_SELF) < 0)
1048 1050 panic("HYPERVISOR_mmu_update() failed");
1049 1051 ASSERT(retcnt == opcnt);
1050 1052
1051 1053 }
1052 1054 #else
1053 1055 setcr3(newcr3);
1054 1056 #endif
1055 1057 ASSERT(cpu == CPU);
1056 1058 }
1057 1059
1058 1060 /*
1059 1061 * Utility to return a valid x86pte_t from protections, pfn, and level number
1060 1062 */
1061 1063 static x86pte_t
1062 1064 hati_mkpte(pfn_t pfn, uint_t attr, level_t level, uint_t flags)
1063 1065 {
1064 1066 x86pte_t pte;
1065 1067 uint_t cache_attr = attr & HAT_ORDER_MASK;
1066 1068
1067 1069 pte = MAKEPTE(pfn, level);
1068 1070
1069 1071 if (attr & PROT_WRITE)
1070 1072 PTE_SET(pte, PT_WRITABLE);
1071 1073
1072 1074 if (attr & PROT_USER)
1073 1075 PTE_SET(pte, PT_USER);
1074 1076
1075 1077 if (!(attr & PROT_EXEC))
1076 1078 PTE_SET(pte, mmu.pt_nx);
1077 1079
1078 1080 /*
1079 1081 * Set the software bits used track ref/mod sync's and hments.
1080 1082 * If not using REF/MOD, set them to avoid h/w rewriting PTEs.
1081 1083 */
1082 1084 if (flags & HAT_LOAD_NOCONSIST)
1083 1085 PTE_SET(pte, PT_NOCONSIST | PT_REF | PT_MOD);
1084 1086 else if (attr & HAT_NOSYNC)
1085 1087 PTE_SET(pte, PT_NOSYNC | PT_REF | PT_MOD);
1086 1088
1087 1089 /*
1088 1090 * Set the caching attributes in the PTE. The combination
1089 1091 * of attributes are poorly defined, so we pay attention
1090 1092 * to them in the given order.
1091 1093 *
1092 1094 * The test for HAT_STRICTORDER is different because it's defined
1093 1095 * as "0" - which was a stupid thing to do, but is too late to change!
1094 1096 */
1095 1097 if (cache_attr == HAT_STRICTORDER) {
1096 1098 PTE_SET(pte, PT_NOCACHE);
1097 1099 /*LINTED [Lint hates empty ifs, but it's the obvious way to do this] */
1098 1100 } else if (cache_attr & (HAT_UNORDERED_OK | HAT_STORECACHING_OK)) {
1099 1101 /* nothing to set */;
1100 1102 } else if (cache_attr & (HAT_MERGING_OK | HAT_LOADCACHING_OK)) {
1101 1103 PTE_SET(pte, PT_NOCACHE);
1102 1104 if (is_x86_feature(x86_featureset, X86FSET_PAT))
1103 1105 PTE_SET(pte, (level == 0) ? PT_PAT_4K : PT_PAT_LARGE);
1104 1106 else
1105 1107 PTE_SET(pte, PT_WRITETHRU);
1106 1108 } else {
1107 1109 panic("hati_mkpte(): bad caching attributes: %x\n", cache_attr);
1108 1110 }
1109 1111
1110 1112 return (pte);
1111 1113 }
1112 1114
1113 1115 /*
1114 1116 * Duplicate address translations of the parent to the child.
1115 1117 * This function really isn't used anymore.
1116 1118 */
1117 1119 /*ARGSUSED*/
1118 1120 int
1119 1121 hat_dup(hat_t *old, hat_t *new, caddr_t addr, size_t len, uint_t flag)
1120 1122 {
1121 1123 ASSERT((uintptr_t)addr < kernelbase);
1122 1124 ASSERT(new != kas.a_hat);
1123 1125 ASSERT(old != kas.a_hat);
1124 1126 return (0);
1125 1127 }
1126 1128
1127 1129 /*
1128 1130 * Allocate any hat resources required for a process being swapped in.
1129 1131 */
1130 1132 /*ARGSUSED*/
1131 1133 void
1132 1134 hat_swapin(hat_t *hat)
1133 1135 {
1134 1136 /* do nothing - we let everything fault back in */
1135 1137 }
1136 1138
1137 1139 /*
1138 1140 * Unload all translations associated with an address space of a process
1139 1141 * that is being swapped out.
1140 1142 */
1141 1143 void
1142 1144 hat_swapout(hat_t *hat)
1143 1145 {
1144 1146 uintptr_t vaddr = (uintptr_t)0;
1145 1147 uintptr_t eaddr = _userlimit;
1146 1148 htable_t *ht = NULL;
1147 1149 level_t l;
1148 1150
1149 1151 XPV_DISALLOW_MIGRATE();
1150 1152 /*
1151 1153 * We can't just call hat_unload(hat, 0, _userlimit...) here, because
1152 1154 * seg_spt and shared pagetables can't be swapped out.
1153 1155 * Take a look at segspt_shmswapout() - it's a big no-op.
1154 1156 *
1155 1157 * Instead we'll walk through all the address space and unload
1156 1158 * any mappings which we are sure are not shared, not locked.
1157 1159 */
1158 1160 ASSERT(IS_PAGEALIGNED(vaddr));
1159 1161 ASSERT(IS_PAGEALIGNED(eaddr));
1160 1162 ASSERT(AS_LOCK_HELD(hat->hat_as));
1161 1163 if ((uintptr_t)hat->hat_as->a_userlimit < eaddr)
1162 1164 eaddr = (uintptr_t)hat->hat_as->a_userlimit;
1163 1165
1164 1166 while (vaddr < eaddr) {
1165 1167 (void) htable_walk(hat, &ht, &vaddr, eaddr);
1166 1168 if (ht == NULL)
1167 1169 break;
1168 1170
1169 1171 ASSERT(!IN_VA_HOLE(vaddr));
1170 1172
1171 1173 /*
1172 1174 * If the page table is shared skip its entire range.
1173 1175 */
1174 1176 l = ht->ht_level;
1175 1177 if (ht->ht_flags & HTABLE_SHARED_PFN) {
1176 1178 vaddr = ht->ht_vaddr + LEVEL_SIZE(l + 1);
1177 1179 htable_release(ht);
1178 1180 ht = NULL;
1179 1181 continue;
1180 1182 }
1181 1183
1182 1184 /*
1183 1185 * If the page table has no locked entries, unload this one.
1184 1186 */
1185 1187 if (ht->ht_lock_cnt == 0)
1186 1188 hat_unload(hat, (caddr_t)vaddr, LEVEL_SIZE(l),
1187 1189 HAT_UNLOAD_UNMAP);
1188 1190
1189 1191 /*
1190 1192 * If we have a level 0 page table with locked entries,
1191 1193 * skip the entire page table, otherwise skip just one entry.
1192 1194 */
1193 1195 if (ht->ht_lock_cnt > 0 && l == 0)
1194 1196 vaddr = ht->ht_vaddr + LEVEL_SIZE(1);
1195 1197 else
1196 1198 vaddr += LEVEL_SIZE(l);
1197 1199 }
1198 1200 if (ht)
1199 1201 htable_release(ht);
1200 1202
1201 1203 /*
1202 1204 * We're in swapout because the system is low on memory, so
1203 1205 * go back and flush all the htables off the cached list.
1204 1206 */
1205 1207 htable_purge_hat(hat);
1206 1208 XPV_ALLOW_MIGRATE();
1207 1209 }
1208 1210
1209 1211 /*
1210 1212 * returns number of bytes that have valid mappings in hat.
1211 1213 */
1212 1214 size_t
1213 1215 hat_get_mapped_size(hat_t *hat)
1214 1216 {
1215 1217 size_t total = 0;
1216 1218 int l;
1217 1219
1218 1220 for (l = 0; l <= mmu.max_page_level; l++)
1219 1221 total += (hat->hat_pages_mapped[l] << LEVEL_SHIFT(l));
1220 1222 total += hat->hat_ism_pgcnt;
1221 1223
1222 1224 return (total);
1223 1225 }
1224 1226
1225 1227 /*
1226 1228 * enable/disable collection of stats for hat.
1227 1229 */
1228 1230 int
1229 1231 hat_stats_enable(hat_t *hat)
1230 1232 {
1231 1233 atomic_inc_32(&hat->hat_stats);
1232 1234 return (1);
1233 1235 }
1234 1236
1235 1237 void
1236 1238 hat_stats_disable(hat_t *hat)
1237 1239 {
1238 1240 atomic_dec_32(&hat->hat_stats);
1239 1241 }
1240 1242
1241 1243 /*
1242 1244 * Utility to sync the ref/mod bits from a page table entry to the page_t
1243 1245 * We must be holding the mapping list lock when this is called.
1244 1246 */
1245 1247 static void
1246 1248 hati_sync_pte_to_page(page_t *pp, x86pte_t pte, level_t level)
1247 1249 {
1248 1250 uint_t rm = 0;
1249 1251 pgcnt_t pgcnt;
1250 1252
1251 1253 if (PTE_GET(pte, PT_SOFTWARE) >= PT_NOSYNC)
1252 1254 return;
1253 1255
1254 1256 if (PTE_GET(pte, PT_REF))
1255 1257 rm |= P_REF;
1256 1258
1257 1259 if (PTE_GET(pte, PT_MOD))
1258 1260 rm |= P_MOD;
1259 1261
1260 1262 if (rm == 0)
1261 1263 return;
1262 1264
1263 1265 /*
1264 1266 * sync to all constituent pages of a large page
1265 1267 */
1266 1268 ASSERT(x86_hm_held(pp));
1267 1269 pgcnt = page_get_pagecnt(level);
1268 1270 ASSERT(IS_P2ALIGNED(pp->p_pagenum, pgcnt));
1269 1271 for (; pgcnt > 0; --pgcnt) {
1270 1272 /*
1271 1273 * hat_page_demote() can't decrease
1272 1274 * pszc below this mapping size
1273 1275 * since this large mapping existed after we
1274 1276 * took mlist lock.
1275 1277 */
1276 1278 ASSERT(pp->p_szc >= level);
1277 1279 hat_page_setattr(pp, rm);
1278 1280 ++pp;
1279 1281 }
1280 1282 }
1281 1283
1282 1284 /*
1283 1285 * This the set of PTE bits for PFN, permissions and caching
1284 1286 * that are allowed to change on a HAT_LOAD_REMAP
1285 1287 */
1286 1288 #define PT_REMAP_BITS \
1287 1289 (PT_PADDR | PT_NX | PT_WRITABLE | PT_WRITETHRU | \
1288 1290 PT_NOCACHE | PT_PAT_4K | PT_PAT_LARGE | PT_IGNORE | PT_REF | PT_MOD)
1289 1291
1290 1292 #define REMAPASSERT(EX) if (!(EX)) panic("hati_pte_map: " #EX)
1291 1293 /*
1292 1294 * Do the low-level work to get a mapping entered into a HAT's pagetables
1293 1295 * and in the mapping list of the associated page_t.
1294 1296 */
1295 1297 static int
1296 1298 hati_pte_map(
1297 1299 htable_t *ht,
1298 1300 uint_t entry,
1299 1301 page_t *pp,
1300 1302 x86pte_t pte,
1301 1303 int flags,
1302 1304 void *pte_ptr)
1303 1305 {
1304 1306 hat_t *hat = ht->ht_hat;
1305 1307 x86pte_t old_pte;
1306 1308 level_t l = ht->ht_level;
1307 1309 hment_t *hm;
1308 1310 uint_t is_consist;
1309 1311 uint_t is_locked;
1310 1312 int rv = 0;
1311 1313
1312 1314 /*
1313 1315 * Is this a consistent (ie. need mapping list lock) mapping?
1314 1316 */
1315 1317 is_consist = (pp != NULL && (flags & HAT_LOAD_NOCONSIST) == 0);
1316 1318
1317 1319 /*
1318 1320 * Track locked mapping count in the htable. Do this first,
1319 1321 * as we track locking even if there already is a mapping present.
1320 1322 */
1321 1323 is_locked = (flags & HAT_LOAD_LOCK) != 0 && hat != kas.a_hat;
1322 1324 if (is_locked)
1323 1325 HTABLE_LOCK_INC(ht);
1324 1326
1325 1327 /*
1326 1328 * Acquire the page's mapping list lock and get an hment to use.
1327 1329 * Note that hment_prepare() might return NULL.
1328 1330 */
1329 1331 if (is_consist) {
1330 1332 x86_hm_enter(pp);
1331 1333 hm = hment_prepare(ht, entry, pp);
1332 1334 }
1333 1335
1334 1336 /*
1335 1337 * Set the new pte, retrieving the old one at the same time.
1336 1338 */
1337 1339 old_pte = x86pte_set(ht, entry, pte, pte_ptr);
1338 1340
1339 1341 /*
1340 1342 * Did we get a large page / page table collision?
1341 1343 */
1342 1344 if (old_pte == LPAGE_ERROR) {
1343 1345 if (is_locked)
1344 1346 HTABLE_LOCK_DEC(ht);
1345 1347 rv = -1;
1346 1348 goto done;
1347 1349 }
1348 1350
1349 1351 /*
1350 1352 * If the mapping didn't change there is nothing more to do.
1351 1353 */
1352 1354 if (PTE_EQUIV(pte, old_pte))
1353 1355 goto done;
1354 1356
1355 1357 /*
1356 1358 * Install a new mapping in the page's mapping list
1357 1359 */
1358 1360 if (!PTE_ISVALID(old_pte)) {
1359 1361 if (is_consist) {
1360 1362 hment_assign(ht, entry, pp, hm);
1361 1363 x86_hm_exit(pp);
1362 1364 } else {
1363 1365 ASSERT(flags & HAT_LOAD_NOCONSIST);
1364 1366 }
1365 1367 #if defined(__amd64)
1366 1368 if (ht->ht_flags & HTABLE_VLP) {
1367 1369 cpu_t *cpu = CPU;
1368 1370 x86pte_t *vlpptep = cpu->cpu_hat_info->hci_vlp_l2ptes;
1369 1371 VLP_COPY(hat->hat_vlp_ptes, vlpptep);
1370 1372 }
1371 1373 #endif
1372 1374 HTABLE_INC(ht->ht_valid_cnt);
1373 1375 PGCNT_INC(hat, l);
1374 1376 return (rv);
1375 1377 }
1376 1378
1377 1379 /*
1378 1380 * Remap's are more complicated:
1379 1381 * - HAT_LOAD_REMAP must be specified if changing the pfn.
1380 1382 * We also require that NOCONSIST be specified.
1381 1383 * - Otherwise only permission or caching bits may change.
1382 1384 */
1383 1385 if (!PTE_ISPAGE(old_pte, l))
1384 1386 panic("non-null/page mapping pte=" FMT_PTE, old_pte);
1385 1387
1386 1388 if (PTE2PFN(old_pte, l) != PTE2PFN(pte, l)) {
1387 1389 REMAPASSERT(flags & HAT_LOAD_REMAP);
1388 1390 REMAPASSERT(flags & HAT_LOAD_NOCONSIST);
1389 1391 REMAPASSERT(PTE_GET(old_pte, PT_SOFTWARE) >= PT_NOCONSIST);
1390 1392 REMAPASSERT(pf_is_memory(PTE2PFN(old_pte, l)) ==
1391 1393 pf_is_memory(PTE2PFN(pte, l)));
1392 1394 REMAPASSERT(!is_consist);
1393 1395 }
1394 1396
1395 1397 /*
1396 1398 * We only let remaps change the certain bits in the PTE.
1397 1399 */
1398 1400 if (PTE_GET(old_pte, ~PT_REMAP_BITS) != PTE_GET(pte, ~PT_REMAP_BITS))
1399 1401 panic("remap bits changed: old_pte="FMT_PTE", pte="FMT_PTE"\n",
1400 1402 old_pte, pte);
1401 1403
1402 1404 /*
1403 1405 * We don't create any mapping list entries on a remap, so release
1404 1406 * any allocated hment after we drop the mapping list lock.
1405 1407 */
1406 1408 done:
1407 1409 if (is_consist) {
1408 1410 x86_hm_exit(pp);
1409 1411 if (hm != NULL)
1410 1412 hment_free(hm);
1411 1413 }
1412 1414 return (rv);
1413 1415 }
1414 1416
1415 1417 /*
1416 1418 * Internal routine to load a single page table entry. This only fails if
1417 1419 * we attempt to overwrite a page table link with a large page.
1418 1420 */
1419 1421 static int
1420 1422 hati_load_common(
1421 1423 hat_t *hat,
1422 1424 uintptr_t va,
1423 1425 page_t *pp,
1424 1426 uint_t attr,
1425 1427 uint_t flags,
1426 1428 level_t level,
1427 1429 pfn_t pfn)
1428 1430 {
1429 1431 htable_t *ht;
1430 1432 uint_t entry;
1431 1433 x86pte_t pte;
1432 1434 int rv = 0;
1433 1435
1434 1436 /*
1435 1437 * The number 16 is arbitrary and here to catch a recursion problem
1436 1438 * early before we blow out the kernel stack.
1437 1439 */
1438 1440 ++curthread->t_hatdepth;
1439 1441 ASSERT(curthread->t_hatdepth < 16);
1440 1442
1441 1443 ASSERT(hat == kas.a_hat || AS_LOCK_HELD(hat->hat_as));
1442 1444
1443 1445 if (flags & HAT_LOAD_SHARE)
1444 1446 hat->hat_flags |= HAT_SHARED;
1445 1447
1446 1448 /*
1447 1449 * Find the page table that maps this page if it already exists.
1448 1450 */
1449 1451 ht = htable_lookup(hat, va, level);
1450 1452
1451 1453 /*
1452 1454 * We must have HAT_LOAD_NOCONSIST if page_t is NULL.
1453 1455 */
1454 1456 if (pp == NULL)
1455 1457 flags |= HAT_LOAD_NOCONSIST;
1456 1458
1457 1459 if (ht == NULL) {
1458 1460 ht = htable_create(hat, va, level, NULL);
1459 1461 ASSERT(ht != NULL);
1460 1462 }
1461 1463 entry = htable_va2entry(va, ht);
1462 1464
1463 1465 /*
1464 1466 * a bunch of paranoid error checking
1465 1467 */
1466 1468 ASSERT(ht->ht_busy > 0);
1467 1469 if (ht->ht_vaddr > va || va > HTABLE_LAST_PAGE(ht))
1468 1470 panic("hati_load_common: bad htable %p, va %p",
1469 1471 (void *)ht, (void *)va);
1470 1472 ASSERT(ht->ht_level == level);
1471 1473
1472 1474 /*
1473 1475 * construct the new PTE
1474 1476 */
1475 1477 if (hat == kas.a_hat)
1476 1478 attr &= ~PROT_USER;
1477 1479 pte = hati_mkpte(pfn, attr, level, flags);
1478 1480 if (hat == kas.a_hat && va >= kernelbase)
1479 1481 PTE_SET(pte, mmu.pt_global);
1480 1482
1481 1483 /*
1482 1484 * establish the mapping
1483 1485 */
1484 1486 rv = hati_pte_map(ht, entry, pp, pte, flags, NULL);
1485 1487
1486 1488 /*
1487 1489 * release the htable and any reserves
1488 1490 */
1489 1491 htable_release(ht);
1490 1492 --curthread->t_hatdepth;
1491 1493 return (rv);
1492 1494 }
1493 1495
1494 1496 /*
1495 1497 * special case of hat_memload to deal with some kernel addrs for performance
1496 1498 */
1497 1499 static void
1498 1500 hat_kmap_load(
1499 1501 caddr_t addr,
1500 1502 page_t *pp,
1501 1503 uint_t attr,
1502 1504 uint_t flags)
1503 1505 {
1504 1506 uintptr_t va = (uintptr_t)addr;
1505 1507 x86pte_t pte;
1506 1508 pfn_t pfn = page_pptonum(pp);
1507 1509 pgcnt_t pg_off = mmu_btop(va - mmu.kmap_addr);
1508 1510 htable_t *ht;
1509 1511 uint_t entry;
1510 1512 void *pte_ptr;
1511 1513
1512 1514 /*
1513 1515 * construct the requested PTE
1514 1516 */
1515 1517 attr &= ~PROT_USER;
1516 1518 attr |= HAT_STORECACHING_OK;
1517 1519 pte = hati_mkpte(pfn, attr, 0, flags);
1518 1520 PTE_SET(pte, mmu.pt_global);
1519 1521
1520 1522 /*
1521 1523 * Figure out the pte_ptr and htable and use common code to finish up
1522 1524 */
1523 1525 if (mmu.pae_hat)
1524 1526 pte_ptr = mmu.kmap_ptes + pg_off;
1525 1527 else
1526 1528 pte_ptr = (x86pte32_t *)mmu.kmap_ptes + pg_off;
1527 1529 ht = mmu.kmap_htables[(va - mmu.kmap_htables[0]->ht_vaddr) >>
1528 1530 LEVEL_SHIFT(1)];
1529 1531 entry = htable_va2entry(va, ht);
1530 1532 ++curthread->t_hatdepth;
1531 1533 ASSERT(curthread->t_hatdepth < 16);
1532 1534 (void) hati_pte_map(ht, entry, pp, pte, flags, pte_ptr);
1533 1535 --curthread->t_hatdepth;
1534 1536 }
1535 1537
1536 1538 /*
1537 1539 * hat_memload() - load a translation to the given page struct
1538 1540 *
1539 1541 * Flags for hat_memload/hat_devload/hat_*attr.
1540 1542 *
1541 1543 * HAT_LOAD Default flags to load a translation to the page.
1542 1544 *
1543 1545 * HAT_LOAD_LOCK Lock down mapping resources; hat_map(), hat_memload(),
1544 1546 * and hat_devload().
1545 1547 *
1546 1548 * HAT_LOAD_NOCONSIST Do not add mapping to page_t mapping list.
1547 1549 * sets PT_NOCONSIST
1548 1550 *
1549 1551 * HAT_LOAD_SHARE A flag to hat_memload() to indicate h/w page tables
1550 1552 * that map some user pages (not kas) is shared by more
1551 1553 * than one process (eg. ISM).
1552 1554 *
1553 1555 * HAT_LOAD_REMAP Reload a valid pte with a different page frame.
1554 1556 *
1555 1557 * HAT_NO_KALLOC Do not kmem_alloc while creating the mapping; at this
1556 1558 * point, it's setting up mapping to allocate internal
1557 1559 * hat layer data structures. This flag forces hat layer
1558 1560 * to tap its reserves in order to prevent infinite
1559 1561 * recursion.
1560 1562 *
1561 1563 * The following is a protection attribute (like PROT_READ, etc.)
1562 1564 *
1563 1565 * HAT_NOSYNC set PT_NOSYNC - this mapping's ref/mod bits
1564 1566 * are never cleared.
1565 1567 *
1566 1568 * Installing new valid PTE's and creation of the mapping list
1567 1569 * entry are controlled under the same lock. It's derived from the
1568 1570 * page_t being mapped.
1569 1571 */
1570 1572 static uint_t supported_memload_flags =
1571 1573 HAT_LOAD | HAT_LOAD_LOCK | HAT_LOAD_ADV | HAT_LOAD_NOCONSIST |
1572 1574 HAT_LOAD_SHARE | HAT_NO_KALLOC | HAT_LOAD_REMAP | HAT_LOAD_TEXT;
1573 1575
1574 1576 void
1575 1577 hat_memload(
1576 1578 hat_t *hat,
1577 1579 caddr_t addr,
1578 1580 page_t *pp,
1579 1581 uint_t attr,
1580 1582 uint_t flags)
1581 1583 {
1582 1584 uintptr_t va = (uintptr_t)addr;
1583 1585 level_t level = 0;
1584 1586 pfn_t pfn = page_pptonum(pp);
1585 1587
1586 1588 XPV_DISALLOW_MIGRATE();
1587 1589 ASSERT(IS_PAGEALIGNED(va));
1588 1590 ASSERT(hat == kas.a_hat || va < _userlimit);
1589 1591 ASSERT(hat == kas.a_hat || AS_LOCK_HELD(hat->hat_as));
1590 1592 ASSERT((flags & supported_memload_flags) == flags);
1591 1593
1592 1594 ASSERT(!IN_VA_HOLE(va));
1593 1595 ASSERT(!PP_ISFREE(pp));
1594 1596
1595 1597 /*
1596 1598 * kernel address special case for performance.
1597 1599 */
1598 1600 if (mmu.kmap_addr <= va && va < mmu.kmap_eaddr) {
1599 1601 ASSERT(hat == kas.a_hat);
1600 1602 hat_kmap_load(addr, pp, attr, flags);
1601 1603 XPV_ALLOW_MIGRATE();
1602 1604 return;
1603 1605 }
1604 1606
1605 1607 /*
1606 1608 * This is used for memory with normal caching enabled, so
1607 1609 * always set HAT_STORECACHING_OK.
1608 1610 */
1609 1611 attr |= HAT_STORECACHING_OK;
1610 1612 if (hati_load_common(hat, va, pp, attr, flags, level, pfn) != 0)
1611 1613 panic("unexpected hati_load_common() failure");
1612 1614 XPV_ALLOW_MIGRATE();
1613 1615 }
1614 1616
1615 1617 /* ARGSUSED */
1616 1618 void
1617 1619 hat_memload_region(struct hat *hat, caddr_t addr, struct page *pp,
1618 1620 uint_t attr, uint_t flags, hat_region_cookie_t rcookie)
1619 1621 {
1620 1622 hat_memload(hat, addr, pp, attr, flags);
1621 1623 }
1622 1624
1623 1625 /*
1624 1626 * Load the given array of page structs using large pages when possible
1625 1627 */
1626 1628 void
1627 1629 hat_memload_array(
1628 1630 hat_t *hat,
1629 1631 caddr_t addr,
1630 1632 size_t len,
1631 1633 page_t **pages,
1632 1634 uint_t attr,
1633 1635 uint_t flags)
1634 1636 {
1635 1637 uintptr_t va = (uintptr_t)addr;
1636 1638 uintptr_t eaddr = va + len;
1637 1639 level_t level;
1638 1640 size_t pgsize;
1639 1641 pgcnt_t pgindx = 0;
1640 1642 pfn_t pfn;
1641 1643 pgcnt_t i;
1642 1644
1643 1645 XPV_DISALLOW_MIGRATE();
1644 1646 ASSERT(IS_PAGEALIGNED(va));
1645 1647 ASSERT(hat == kas.a_hat || va + len <= _userlimit);
1646 1648 ASSERT(hat == kas.a_hat || AS_LOCK_HELD(hat->hat_as));
1647 1649 ASSERT((flags & supported_memload_flags) == flags);
1648 1650
1649 1651 /*
1650 1652 * memload is used for memory with full caching enabled, so
1651 1653 * set HAT_STORECACHING_OK.
1652 1654 */
1653 1655 attr |= HAT_STORECACHING_OK;
1654 1656
1655 1657 /*
1656 1658 * handle all pages using largest possible pagesize
1657 1659 */
1658 1660 while (va < eaddr) {
1659 1661 /*
1660 1662 * decide what level mapping to use (ie. pagesize)
1661 1663 */
1662 1664 pfn = page_pptonum(pages[pgindx]);
1663 1665 for (level = mmu.max_page_level; ; --level) {
1664 1666 pgsize = LEVEL_SIZE(level);
1665 1667 if (level == 0)
1666 1668 break;
1667 1669
1668 1670 if (!IS_P2ALIGNED(va, pgsize) ||
1669 1671 (eaddr - va) < pgsize ||
1670 1672 !IS_P2ALIGNED(pfn_to_pa(pfn), pgsize))
1671 1673 continue;
1672 1674
1673 1675 /*
1674 1676 * To use a large mapping of this size, all the
1675 1677 * pages we are passed must be sequential subpages
1676 1678 * of the large page.
1677 1679 * hat_page_demote() can't change p_szc because
1678 1680 * all pages are locked.
1679 1681 */
1680 1682 if (pages[pgindx]->p_szc >= level) {
1681 1683 for (i = 0; i < mmu_btop(pgsize); ++i) {
1682 1684 if (pfn + i !=
1683 1685 page_pptonum(pages[pgindx + i]))
1684 1686 break;
1685 1687 ASSERT(pages[pgindx + i]->p_szc >=
1686 1688 level);
1687 1689 ASSERT(pages[pgindx] + i ==
1688 1690 pages[pgindx + i]);
1689 1691 }
1690 1692 if (i == mmu_btop(pgsize)) {
1691 1693 #ifdef DEBUG
1692 1694 if (level == 2)
1693 1695 map1gcnt++;
1694 1696 #endif
1695 1697 break;
1696 1698 }
1697 1699 }
1698 1700 }
1699 1701
1700 1702 /*
1701 1703 * Load this page mapping. If the load fails, try a smaller
1702 1704 * pagesize.
1703 1705 */
1704 1706 ASSERT(!IN_VA_HOLE(va));
1705 1707 while (hati_load_common(hat, va, pages[pgindx], attr,
1706 1708 flags, level, pfn) != 0) {
1707 1709 if (level == 0)
1708 1710 panic("unexpected hati_load_common() failure");
1709 1711 --level;
1710 1712 pgsize = LEVEL_SIZE(level);
1711 1713 }
1712 1714
1713 1715 /*
1714 1716 * move to next page
1715 1717 */
1716 1718 va += pgsize;
1717 1719 pgindx += mmu_btop(pgsize);
1718 1720 }
1719 1721 XPV_ALLOW_MIGRATE();
1720 1722 }
1721 1723
1722 1724 /* ARGSUSED */
1723 1725 void
1724 1726 hat_memload_array_region(struct hat *hat, caddr_t addr, size_t len,
1725 1727 struct page **pps, uint_t attr, uint_t flags,
1726 1728 hat_region_cookie_t rcookie)
1727 1729 {
1728 1730 hat_memload_array(hat, addr, len, pps, attr, flags);
1729 1731 }
1730 1732
1731 1733 /*
1732 1734 * void hat_devload(hat, addr, len, pf, attr, flags)
1733 1735 * load/lock the given page frame number
1734 1736 *
1735 1737 * Advisory ordering attributes. Apply only to device mappings.
1736 1738 *
1737 1739 * HAT_STRICTORDER: the CPU must issue the references in order, as the
1738 1740 * programmer specified. This is the default.
1739 1741 * HAT_UNORDERED_OK: the CPU may reorder the references (this is all kinds
1740 1742 * of reordering; store or load with store or load).
1741 1743 * HAT_MERGING_OK: merging and batching: the CPU may merge individual stores
1742 1744 * to consecutive locations (for example, turn two consecutive byte
1743 1745 * stores into one halfword store), and it may batch individual loads
1744 1746 * (for example, turn two consecutive byte loads into one halfword load).
1745 1747 * This also implies re-ordering.
1746 1748 * HAT_LOADCACHING_OK: the CPU may cache the data it fetches and reuse it
1747 1749 * until another store occurs. The default is to fetch new data
1748 1750 * on every load. This also implies merging.
1749 1751 * HAT_STORECACHING_OK: the CPU may keep the data in the cache and push it to
1750 1752 * the device (perhaps with other data) at a later time. The default is
1751 1753 * to push the data right away. This also implies load caching.
1752 1754 *
1753 1755 * Equivalent of hat_memload(), but can be used for device memory where
1754 1756 * there are no page_t's and we support additional flags (write merging, etc).
1755 1757 * Note that we can have large page mappings with this interface.
1756 1758 */
1757 1759 int supported_devload_flags = HAT_LOAD | HAT_LOAD_LOCK |
1758 1760 HAT_LOAD_NOCONSIST | HAT_STRICTORDER | HAT_UNORDERED_OK |
1759 1761 HAT_MERGING_OK | HAT_LOADCACHING_OK | HAT_STORECACHING_OK;
1760 1762
1761 1763 void
1762 1764 hat_devload(
1763 1765 hat_t *hat,
1764 1766 caddr_t addr,
1765 1767 size_t len,
1766 1768 pfn_t pfn,
1767 1769 uint_t attr,
1768 1770 int flags)
1769 1771 {
1770 1772 uintptr_t va = ALIGN2PAGE(addr);
1771 1773 uintptr_t eva = va + len;
1772 1774 level_t level;
1773 1775 size_t pgsize;
1774 1776 page_t *pp;
1775 1777 int f; /* per PTE copy of flags - maybe modified */
1776 1778 uint_t a; /* per PTE copy of attr */
1777 1779
1778 1780 XPV_DISALLOW_MIGRATE();
1779 1781 ASSERT(IS_PAGEALIGNED(va));
1780 1782 ASSERT(hat == kas.a_hat || eva <= _userlimit);
1781 1783 ASSERT(hat == kas.a_hat || AS_LOCK_HELD(hat->hat_as));
1782 1784 ASSERT((flags & supported_devload_flags) == flags);
1783 1785
1784 1786 /*
1785 1787 * handle all pages
1786 1788 */
1787 1789 while (va < eva) {
1788 1790
1789 1791 /*
1790 1792 * decide what level mapping to use (ie. pagesize)
1791 1793 */
1792 1794 for (level = mmu.max_page_level; ; --level) {
1793 1795 pgsize = LEVEL_SIZE(level);
1794 1796 if (level == 0)
1795 1797 break;
1796 1798 if (IS_P2ALIGNED(va, pgsize) &&
1797 1799 (eva - va) >= pgsize &&
1798 1800 IS_P2ALIGNED(pfn, mmu_btop(pgsize))) {
1799 1801 #ifdef DEBUG
1800 1802 if (level == 2)
1801 1803 map1gcnt++;
1802 1804 #endif
1803 1805 break;
1804 1806 }
1805 1807 }
1806 1808
1807 1809 /*
1808 1810 * If this is just memory then allow caching (this happens
1809 1811 * for the nucleus pages) - though HAT_PLAT_NOCACHE can be used
1810 1812 * to override that. If we don't have a page_t then make sure
1811 1813 * NOCONSIST is set.
1812 1814 */
1813 1815 a = attr;
1814 1816 f = flags;
1815 1817 if (!pf_is_memory(pfn))
1816 1818 f |= HAT_LOAD_NOCONSIST;
1817 1819 else if (!(a & HAT_PLAT_NOCACHE))
1818 1820 a |= HAT_STORECACHING_OK;
1819 1821
1820 1822 if (f & HAT_LOAD_NOCONSIST)
1821 1823 pp = NULL;
1822 1824 else
1823 1825 pp = page_numtopp_nolock(pfn);
1824 1826
1825 1827 /*
1826 1828 * Check to make sure we are really trying to map a valid
1827 1829 * memory page. The caller wishing to intentionally map
1828 1830 * free memory pages will have passed the HAT_LOAD_NOCONSIST
1829 1831 * flag, then pp will be NULL.
1830 1832 */
1831 1833 if (pp != NULL) {
1832 1834 if (PP_ISFREE(pp)) {
1833 1835 panic("hat_devload: loading "
1834 1836 "a mapping to free page %p", (void *)pp);
1835 1837 }
1836 1838
1837 1839 if (!PAGE_LOCKED(pp) && !PP_ISNORELOC(pp)) {
1838 1840 panic("hat_devload: loading a mapping "
1839 1841 "to an unlocked page %p",
1840 1842 (void *)pp);
1841 1843 }
1842 1844 }
1843 1845
1844 1846 /*
1845 1847 * load this page mapping
1846 1848 */
1847 1849 ASSERT(!IN_VA_HOLE(va));
1848 1850 while (hati_load_common(hat, va, pp, a, f, level, pfn) != 0) {
1849 1851 if (level == 0)
1850 1852 panic("unexpected hati_load_common() failure");
1851 1853 --level;
1852 1854 pgsize = LEVEL_SIZE(level);
1853 1855 }
1854 1856
1855 1857 /*
1856 1858 * move to next page
1857 1859 */
1858 1860 va += pgsize;
1859 1861 pfn += mmu_btop(pgsize);
1860 1862 }
1861 1863 XPV_ALLOW_MIGRATE();
1862 1864 }
1863 1865
1864 1866 /*
1865 1867 * void hat_unlock(hat, addr, len)
1866 1868 * unlock the mappings to a given range of addresses
1867 1869 *
1868 1870 * Locks are tracked by ht_lock_cnt in the htable.
1869 1871 */
1870 1872 void
1871 1873 hat_unlock(hat_t *hat, caddr_t addr, size_t len)
1872 1874 {
1873 1875 uintptr_t vaddr = (uintptr_t)addr;
1874 1876 uintptr_t eaddr = vaddr + len;
1875 1877 htable_t *ht = NULL;
1876 1878
1877 1879 /*
1878 1880 * kernel entries are always locked, we don't track lock counts
1879 1881 */
1880 1882 ASSERT(hat == kas.a_hat || eaddr <= _userlimit);
1881 1883 ASSERT(IS_PAGEALIGNED(vaddr));
1882 1884 ASSERT(IS_PAGEALIGNED(eaddr));
1883 1885 if (hat == kas.a_hat)
1884 1886 return;
1885 1887 if (eaddr > _userlimit)
1886 1888 panic("hat_unlock() address out of range - above _userlimit");
1887 1889
1888 1890 XPV_DISALLOW_MIGRATE();
1889 1891 ASSERT(AS_LOCK_HELD(hat->hat_as));
1890 1892 while (vaddr < eaddr) {
1891 1893 (void) htable_walk(hat, &ht, &vaddr, eaddr);
1892 1894 if (ht == NULL)
1893 1895 break;
1894 1896
1895 1897 ASSERT(!IN_VA_HOLE(vaddr));
1896 1898
1897 1899 if (ht->ht_lock_cnt < 1)
1898 1900 panic("hat_unlock(): lock_cnt < 1, "
1899 1901 "htable=%p, vaddr=%p\n", (void *)ht, (void *)vaddr);
1900 1902 HTABLE_LOCK_DEC(ht);
1901 1903
1902 1904 vaddr += LEVEL_SIZE(ht->ht_level);
1903 1905 }
1904 1906 if (ht)
1905 1907 htable_release(ht);
1906 1908 XPV_ALLOW_MIGRATE();
1907 1909 }
1908 1910
1909 1911 /* ARGSUSED */
1910 1912 void
1911 1913 hat_unlock_region(struct hat *hat, caddr_t addr, size_t len,
1912 1914 hat_region_cookie_t rcookie)
1913 1915 {
1914 1916 panic("No shared region support on x86");
1915 1917 }
1916 1918
1917 1919 #if !defined(__xpv)
1918 1920 /*
1919 1921 * Cross call service routine to demap a virtual page on
1920 1922 * the current CPU or flush all mappings in TLB.
1921 1923 */
1922 1924 /*ARGSUSED*/
1923 1925 static int
1924 1926 hati_demap_func(xc_arg_t a1, xc_arg_t a2, xc_arg_t a3)
1925 1927 {
1926 1928 hat_t *hat = (hat_t *)a1;
1927 1929 caddr_t addr = (caddr_t)a2;
1928 1930 size_t len = (size_t)a3;
1929 1931
1930 1932 /*
1931 1933 * If the target hat isn't the kernel and this CPU isn't operating
1932 1934 * in the target hat, we can ignore the cross call.
1933 1935 */
1934 1936 if (hat != kas.a_hat && hat != CPU->cpu_current_hat)
1935 1937 return (0);
1936 1938
1937 1939 /*
1938 1940 * For a normal address, we flush a range of contiguous mappings
1939 1941 */
1940 1942 if ((uintptr_t)addr != DEMAP_ALL_ADDR) {
1941 1943 for (size_t i = 0; i < len; i += MMU_PAGESIZE)
1942 1944 mmu_tlbflush_entry(addr + i);
1943 1945 return (0);
1944 1946 }
1945 1947
1946 1948 /*
1947 1949 * Otherwise we reload cr3 to effect a complete TLB flush.
1948 1950 *
1949 1951 * A reload of cr3 on a VLP process also means we must also recopy in
1950 1952 * the pte values from the struct hat
1951 1953 */
1952 1954 if (hat->hat_flags & HAT_VLP) {
1953 1955 #if defined(__amd64)
1954 1956 x86pte_t *vlpptep = CPU->cpu_hat_info->hci_vlp_l2ptes;
1955 1957
1956 1958 VLP_COPY(hat->hat_vlp_ptes, vlpptep);
1957 1959 #elif defined(__i386)
1958 1960 reload_pae32(hat, CPU);
1959 1961 #endif
1960 1962 }
1961 1963 reload_cr3();
1962 1964 return (0);
1963 1965 }
1964 1966
1965 1967 /*
1966 1968 * Flush all TLB entries, including global (ie. kernel) ones.
1967 1969 */
1968 1970 static void
1969 1971 flush_all_tlb_entries(void)
1970 1972 {
1971 1973 ulong_t cr4 = getcr4();
1972 1974
1973 1975 if (cr4 & CR4_PGE) {
1974 1976 setcr4(cr4 & ~(ulong_t)CR4_PGE);
1975 1977 setcr4(cr4);
1976 1978
1977 1979 /*
1978 1980 * 32 bit PAE also needs to always reload_cr3()
1979 1981 */
1980 1982 if (mmu.max_level == 2)
1981 1983 reload_cr3();
1982 1984 } else {
1983 1985 reload_cr3();
1984 1986 }
1985 1987 }
1986 1988
1987 1989 #define TLB_CPU_HALTED (01ul)
1988 1990 #define TLB_INVAL_ALL (02ul)
1989 1991 #define CAS_TLB_INFO(cpu, old, new) \
1990 1992 atomic_cas_ulong((ulong_t *)&(cpu)->cpu_m.mcpu_tlb_info, (old), (new))
1991 1993
1992 1994 /*
1993 1995 * Record that a CPU is going idle
1994 1996 */
1995 1997 void
1996 1998 tlb_going_idle(void)
1997 1999 {
1998 2000 atomic_or_ulong((ulong_t *)&CPU->cpu_m.mcpu_tlb_info, TLB_CPU_HALTED);
1999 2001 }
2000 2002
2001 2003 /*
2002 2004 * Service a delayed TLB flush if coming out of being idle.
2003 2005 * It will be called from cpu idle notification with interrupt disabled.
2004 2006 */
2005 2007 void
2006 2008 tlb_service(void)
2007 2009 {
2008 2010 ulong_t tlb_info;
2009 2011 ulong_t found;
2010 2012
2011 2013 /*
2012 2014 * We only have to do something if coming out of being idle.
2013 2015 */
2014 2016 tlb_info = CPU->cpu_m.mcpu_tlb_info;
2015 2017 if (tlb_info & TLB_CPU_HALTED) {
2016 2018 ASSERT(CPU->cpu_current_hat == kas.a_hat);
2017 2019
2018 2020 /*
2019 2021 * Atomic clear and fetch of old state.
2020 2022 */
2021 2023 while ((found = CAS_TLB_INFO(CPU, tlb_info, 0)) != tlb_info) {
2022 2024 ASSERT(found & TLB_CPU_HALTED);
2023 2025 tlb_info = found;
2024 2026 SMT_PAUSE();
2025 2027 }
2026 2028 if (tlb_info & TLB_INVAL_ALL)
2027 2029 flush_all_tlb_entries();
2028 2030 }
2029 2031 }
2030 2032 #endif /* !__xpv */
2031 2033
2032 2034 /*
2033 2035 * Internal routine to do cross calls to invalidate a range of pages on
2034 2036 * all CPUs using a given hat.
2035 2037 */
2036 2038 void
2037 2039 hat_tlb_inval_range(hat_t *hat, uintptr_t va, size_t len)
2038 2040 {
2039 2041 extern int flushes_require_xcalls; /* from mp_startup.c */
2040 2042 cpuset_t justme;
2041 2043 cpuset_t cpus_to_shootdown;
2042 2044 #ifndef __xpv
2043 2045 cpuset_t check_cpus;
2044 2046 cpu_t *cpup;
2045 2047 int c;
2046 2048 #endif
2047 2049
2048 2050 /*
2049 2051 * If the hat is being destroyed, there are no more users, so
2050 2052 * demap need not do anything.
2051 2053 */
2052 2054 if (hat->hat_flags & HAT_FREEING)
2053 2055 return;
2054 2056
2055 2057 /*
2056 2058 * If demapping from a shared pagetable, we best demap the
2057 2059 * entire set of user TLBs, since we don't know what addresses
2058 2060 * these were shared at.
2059 2061 */
2060 2062 if (hat->hat_flags & HAT_SHARED) {
2061 2063 hat = kas.a_hat;
2062 2064 va = DEMAP_ALL_ADDR;
2063 2065 }
2064 2066
2065 2067 /*
2066 2068 * if not running with multiple CPUs, don't use cross calls
2067 2069 */
2068 2070 if (panicstr || !flushes_require_xcalls) {
2069 2071 #ifdef __xpv
2070 2072 if (va == DEMAP_ALL_ADDR) {
2071 2073 xen_flush_tlb();
2072 2074 } else {
2073 2075 for (size_t i = 0; i < len; i += MMU_PAGESIZE)
2074 2076 xen_flush_va((caddr_t)(va + i));
2075 2077 }
2076 2078 #else
2077 2079 (void) hati_demap_func((xc_arg_t)hat,
2078 2080 (xc_arg_t)va, (xc_arg_t)len);
2079 2081 #endif
2080 2082 return;
2081 2083 }
2082 2084
2083 2085
2084 2086 /*
2085 2087 * Determine CPUs to shootdown. Kernel changes always do all CPUs.
2086 2088 * Otherwise it's just CPUs currently executing in this hat.
2087 2089 */
2088 2090 kpreempt_disable();
2089 2091 CPUSET_ONLY(justme, CPU->cpu_id);
2090 2092 if (hat == kas.a_hat)
2091 2093 cpus_to_shootdown = khat_cpuset;
2092 2094 else
2093 2095 cpus_to_shootdown = hat->hat_cpus;
2094 2096
2095 2097 #ifndef __xpv
2096 2098 /*
2097 2099 * If any CPUs in the set are idle, just request a delayed flush
2098 2100 * and avoid waking them up.
2099 2101 */
2100 2102 check_cpus = cpus_to_shootdown;
2101 2103 for (c = 0; c < NCPU && !CPUSET_ISNULL(check_cpus); ++c) {
2102 2104 ulong_t tlb_info;
2103 2105
2104 2106 if (!CPU_IN_SET(check_cpus, c))
2105 2107 continue;
2106 2108 CPUSET_DEL(check_cpus, c);
2107 2109 cpup = cpu[c];
2108 2110 if (cpup == NULL)
2109 2111 continue;
2110 2112
2111 2113 tlb_info = cpup->cpu_m.mcpu_tlb_info;
2112 2114 while (tlb_info == TLB_CPU_HALTED) {
2113 2115 (void) CAS_TLB_INFO(cpup, TLB_CPU_HALTED,
2114 2116 TLB_CPU_HALTED | TLB_INVAL_ALL);
2115 2117 SMT_PAUSE();
2116 2118 tlb_info = cpup->cpu_m.mcpu_tlb_info;
2117 2119 }
2118 2120 if (tlb_info == (TLB_CPU_HALTED | TLB_INVAL_ALL)) {
2119 2121 HATSTAT_INC(hs_tlb_inval_delayed);
2120 2122 CPUSET_DEL(cpus_to_shootdown, c);
2121 2123 }
2122 2124 }
2123 2125 #endif
2124 2126
2125 2127 if (CPUSET_ISNULL(cpus_to_shootdown) ||
2126 2128 CPUSET_ISEQUAL(cpus_to_shootdown, justme)) {
2127 2129
2128 2130 #ifdef __xpv
2129 2131 if (va == DEMAP_ALL_ADDR) {
2130 2132 xen_flush_tlb();
2131 2133 } else {
2132 2134 for (size_t i = 0; i < len; i += MMU_PAGESIZE)
2133 2135 xen_flush_va((caddr_t)(va + i));
2134 2136 }
2135 2137 #else
2136 2138 (void) hati_demap_func((xc_arg_t)hat,
2137 2139 (xc_arg_t)va, (xc_arg_t)len);
2138 2140 #endif
2139 2141
2140 2142 } else {
2141 2143
2142 2144 CPUSET_ADD(cpus_to_shootdown, CPU->cpu_id);
2143 2145 #ifdef __xpv
2144 2146 if (va == DEMAP_ALL_ADDR) {
2145 2147 xen_gflush_tlb(cpus_to_shootdown);
2146 2148 } else {
2147 2149 for (size_t i = 0; i < len; i += MMU_PAGESIZE) {
2148 2150 xen_gflush_va((caddr_t)(va + i),
2149 2151 cpus_to_shootdown);
2150 2152 }
2151 2153 }
2152 2154 #else
2153 2155 xc_call((xc_arg_t)hat, (xc_arg_t)va, (xc_arg_t)len,
2154 2156 CPUSET2BV(cpus_to_shootdown), hati_demap_func);
2155 2157 #endif
2156 2158
2157 2159 }
2158 2160 kpreempt_enable();
2159 2161 }
2160 2162
2161 2163 void
2162 2164 hat_tlb_inval(hat_t *hat, uintptr_t va)
2163 2165 {
2164 2166 hat_tlb_inval_range(hat, va, MMU_PAGESIZE);
2165 2167 }
2166 2168
2167 2169 /*
2168 2170 * Interior routine for HAT_UNLOADs from hat_unload_callback(),
2169 2171 * hat_kmap_unload() OR from hat_steal() code. This routine doesn't
2170 2172 * handle releasing of the htables.
2171 2173 */
2172 2174 void
2173 2175 hat_pte_unmap(
2174 2176 htable_t *ht,
2175 2177 uint_t entry,
2176 2178 uint_t flags,
2177 2179 x86pte_t old_pte,
2178 2180 void *pte_ptr,
2179 2181 boolean_t tlb)
2180 2182 {
2181 2183 hat_t *hat = ht->ht_hat;
2182 2184 hment_t *hm = NULL;
2183 2185 page_t *pp = NULL;
2184 2186 level_t l = ht->ht_level;
2185 2187 pfn_t pfn;
2186 2188
2187 2189 /*
2188 2190 * We always track the locking counts, even if nothing is unmapped
2189 2191 */
2190 2192 if ((flags & HAT_UNLOAD_UNLOCK) != 0 && hat != kas.a_hat) {
2191 2193 ASSERT(ht->ht_lock_cnt > 0);
2192 2194 HTABLE_LOCK_DEC(ht);
2193 2195 }
2194 2196
2195 2197 /*
2196 2198 * Figure out which page's mapping list lock to acquire using the PFN
2197 2199 * passed in "old" PTE. We then attempt to invalidate the PTE.
2198 2200 * If another thread, probably a hat_pageunload, has asynchronously
2199 2201 * unmapped/remapped this address we'll loop here.
2200 2202 */
2201 2203 ASSERT(ht->ht_busy > 0);
2202 2204 while (PTE_ISVALID(old_pte)) {
2203 2205 pfn = PTE2PFN(old_pte, l);
2204 2206 if (PTE_GET(old_pte, PT_SOFTWARE) >= PT_NOCONSIST) {
2205 2207 pp = NULL;
2206 2208 } else {
2207 2209 #ifdef __xpv
2208 2210 if (pfn == PFN_INVALID)
2209 2211 panic("Invalid PFN, but not PT_NOCONSIST");
2210 2212 #endif
2211 2213 pp = page_numtopp_nolock(pfn);
2212 2214 if (pp == NULL) {
2213 2215 panic("no page_t, not NOCONSIST: old_pte="
2214 2216 FMT_PTE " ht=%lx entry=0x%x pte_ptr=%lx",
2215 2217 old_pte, (uintptr_t)ht, entry,
2216 2218 (uintptr_t)pte_ptr);
2217 2219 }
2218 2220 x86_hm_enter(pp);
2219 2221 }
2220 2222
2221 2223 old_pte = x86pte_inval(ht, entry, old_pte, pte_ptr, tlb);
2222 2224
2223 2225 /*
2224 2226 * If the page hadn't changed we've unmapped it and can proceed
2225 2227 */
2226 2228 if (PTE_ISVALID(old_pte) && PTE2PFN(old_pte, l) == pfn)
2227 2229 break;
2228 2230
2229 2231 /*
2230 2232 * Otherwise, we'll have to retry with the current old_pte.
2231 2233 * Drop the hment lock, since the pfn may have changed.
2232 2234 */
2233 2235 if (pp != NULL) {
2234 2236 x86_hm_exit(pp);
2235 2237 pp = NULL;
2236 2238 } else {
2237 2239 ASSERT(PTE_GET(old_pte, PT_SOFTWARE) >= PT_NOCONSIST);
2238 2240 }
2239 2241 }
2240 2242
2241 2243 /*
2242 2244 * If the old mapping wasn't valid, there's nothing more to do
2243 2245 */
2244 2246 if (!PTE_ISVALID(old_pte)) {
2245 2247 if (pp != NULL)
2246 2248 x86_hm_exit(pp);
2247 2249 return;
2248 2250 }
2249 2251
2250 2252 /*
2251 2253 * Take care of syncing any MOD/REF bits and removing the hment.
2252 2254 */
2253 2255 if (pp != NULL) {
2254 2256 if (!(flags & HAT_UNLOAD_NOSYNC))
2255 2257 hati_sync_pte_to_page(pp, old_pte, l);
2256 2258 hm = hment_remove(pp, ht, entry);
2257 2259 x86_hm_exit(pp);
2258 2260 if (hm != NULL)
2259 2261 hment_free(hm);
2260 2262 }
2261 2263
2262 2264 /*
2263 2265 * Handle book keeping in the htable and hat
2264 2266 */
2265 2267 ASSERT(ht->ht_valid_cnt > 0);
2266 2268 HTABLE_DEC(ht->ht_valid_cnt);
2267 2269 PGCNT_DEC(hat, l);
2268 2270 }
2269 2271
2270 2272 /*
2271 2273 * very cheap unload implementation to special case some kernel addresses
2272 2274 */
2273 2275 static void
2274 2276 hat_kmap_unload(caddr_t addr, size_t len, uint_t flags)
2275 2277 {
2276 2278 uintptr_t va = (uintptr_t)addr;
2277 2279 uintptr_t eva = va + len;
2278 2280 pgcnt_t pg_index;
2279 2281 htable_t *ht;
2280 2282 uint_t entry;
2281 2283 x86pte_t *pte_ptr;
2282 2284 x86pte_t old_pte;
2283 2285
2284 2286 for (; va < eva; va += MMU_PAGESIZE) {
2285 2287 /*
2286 2288 * Get the PTE
2287 2289 */
2288 2290 pg_index = mmu_btop(va - mmu.kmap_addr);
2289 2291 pte_ptr = PT_INDEX_PTR(mmu.kmap_ptes, pg_index);
2290 2292 old_pte = GET_PTE(pte_ptr);
2291 2293
2292 2294 /*
2293 2295 * get the htable / entry
2294 2296 */
2295 2297 ht = mmu.kmap_htables[(va - mmu.kmap_htables[0]->ht_vaddr)
2296 2298 >> LEVEL_SHIFT(1)];
2297 2299 entry = htable_va2entry(va, ht);
2298 2300
2299 2301 /*
2300 2302 * use mostly common code to unmap it.
2301 2303 */
2302 2304 hat_pte_unmap(ht, entry, flags, old_pte, pte_ptr, B_TRUE);
2303 2305 }
2304 2306 }
2305 2307
2306 2308
2307 2309 /*
2308 2310 * unload a range of virtual address space (no callback)
2309 2311 */
2310 2312 void
2311 2313 hat_unload(hat_t *hat, caddr_t addr, size_t len, uint_t flags)
2312 2314 {
2313 2315 uintptr_t va = (uintptr_t)addr;
2314 2316
2315 2317 XPV_DISALLOW_MIGRATE();
2316 2318 ASSERT(hat == kas.a_hat || va + len <= _userlimit);
2317 2319
2318 2320 /*
2319 2321 * special case for performance.
2320 2322 */
2321 2323 if (mmu.kmap_addr <= va && va < mmu.kmap_eaddr) {
2322 2324 ASSERT(hat == kas.a_hat);
2323 2325 hat_kmap_unload(addr, len, flags);
2324 2326 } else {
2325 2327 hat_unload_callback(hat, addr, len, flags, NULL);
2326 2328 }
2327 2329 XPV_ALLOW_MIGRATE();
2328 2330 }
2329 2331
2330 2332 /*
2331 2333 * Do the callbacks for ranges being unloaded.
2332 2334 */
2333 2335 typedef struct range_info {
2334 2336 uintptr_t rng_va;
2335 2337 ulong_t rng_cnt;
2336 2338 level_t rng_level;
2337 2339 } range_info_t;
2338 2340
2339 2341 /*
2340 2342 * Invalidate the TLB, and perform the callback to the upper level VM system,
2341 2343 * for the specified ranges of contiguous pages.
2342 2344 */
2343 2345 static void
2344 2346 handle_ranges(hat_t *hat, hat_callback_t *cb, uint_t cnt, range_info_t *range)
2345 2347 {
2346 2348 while (cnt > 0) {
2347 2349 size_t len;
2348 2350
2349 2351 --cnt;
2350 2352 len = range[cnt].rng_cnt << LEVEL_SHIFT(range[cnt].rng_level);
2351 2353 hat_tlb_inval_range(hat, (uintptr_t)range[cnt].rng_va, len);
2352 2354
2353 2355 if (cb != NULL) {
2354 2356 cb->hcb_start_addr = (caddr_t)range[cnt].rng_va;
2355 2357 cb->hcb_end_addr = cb->hcb_start_addr;
2356 2358 cb->hcb_end_addr += len;
2357 2359 cb->hcb_function(cb);
2358 2360 }
2359 2361 }
2360 2362 }
2361 2363
2362 2364 /*
2363 2365 * Unload a given range of addresses (has optional callback)
2364 2366 *
2365 2367 * Flags:
2366 2368 * define HAT_UNLOAD 0x00
2367 2369 * define HAT_UNLOAD_NOSYNC 0x02
2368 2370 * define HAT_UNLOAD_UNLOCK 0x04
2369 2371 * define HAT_UNLOAD_OTHER 0x08 - not used
2370 2372 * define HAT_UNLOAD_UNMAP 0x10 - same as HAT_UNLOAD
2371 2373 */
2372 2374 #define MAX_UNLOAD_CNT (8)
2373 2375 void
2374 2376 hat_unload_callback(
2375 2377 hat_t *hat,
2376 2378 caddr_t addr,
2377 2379 size_t len,
2378 2380 uint_t flags,
2379 2381 hat_callback_t *cb)
2380 2382 {
2381 2383 uintptr_t vaddr = (uintptr_t)addr;
2382 2384 uintptr_t eaddr = vaddr + len;
2383 2385 htable_t *ht = NULL;
2384 2386 uint_t entry;
2385 2387 uintptr_t contig_va = (uintptr_t)-1L;
2386 2388 range_info_t r[MAX_UNLOAD_CNT];
2387 2389 uint_t r_cnt = 0;
2388 2390 x86pte_t old_pte;
2389 2391
2390 2392 XPV_DISALLOW_MIGRATE();
2391 2393 ASSERT(hat == kas.a_hat || eaddr <= _userlimit);
2392 2394 ASSERT(IS_PAGEALIGNED(vaddr));
2393 2395 ASSERT(IS_PAGEALIGNED(eaddr));
2394 2396
2395 2397 /*
2396 2398 * Special case a single page being unloaded for speed. This happens
2397 2399 * quite frequently, COW faults after a fork() for example.
2398 2400 */
2399 2401 if (cb == NULL && len == MMU_PAGESIZE) {
2400 2402 ht = htable_getpte(hat, vaddr, &entry, &old_pte, 0);
2401 2403 if (ht != NULL) {
2402 2404 if (PTE_ISVALID(old_pte)) {
2403 2405 hat_pte_unmap(ht, entry, flags, old_pte,
2404 2406 NULL, B_TRUE);
2405 2407 }
2406 2408 htable_release(ht);
2407 2409 }
2408 2410 XPV_ALLOW_MIGRATE();
2409 2411 return;
2410 2412 }
2411 2413
2412 2414 while (vaddr < eaddr) {
2413 2415 old_pte = htable_walk(hat, &ht, &vaddr, eaddr);
2414 2416 if (ht == NULL)
2415 2417 break;
2416 2418
2417 2419 ASSERT(!IN_VA_HOLE(vaddr));
2418 2420
2419 2421 if (vaddr < (uintptr_t)addr)
2420 2422 panic("hat_unload_callback(): unmap inside large page");
2421 2423
2422 2424 /*
2423 2425 * We'll do the call backs for contiguous ranges
2424 2426 */
2425 2427 if (vaddr != contig_va ||
2426 2428 (r_cnt > 0 && r[r_cnt - 1].rng_level != ht->ht_level)) {
2427 2429 if (r_cnt == MAX_UNLOAD_CNT) {
2428 2430 handle_ranges(hat, cb, r_cnt, r);
2429 2431 r_cnt = 0;
2430 2432 }
2431 2433 r[r_cnt].rng_va = vaddr;
2432 2434 r[r_cnt].rng_cnt = 0;
2433 2435 r[r_cnt].rng_level = ht->ht_level;
2434 2436 ++r_cnt;
2435 2437 }
2436 2438
2437 2439 /*
2438 2440 * Unload one mapping (for a single page) from the page tables.
2439 2441 * Note that we do not remove the mapping from the TLB yet,
2440 2442 * as indicated by the tlb=FALSE argument to hat_pte_unmap().
2441 2443 * handle_ranges() will clear the TLB entries with one call to
2442 2444 * hat_tlb_inval_range() per contiguous range. This is
2443 2445 * safe because the page can not be reused until the
2444 2446 * callback is made (or we return).
2445 2447 */
2446 2448 entry = htable_va2entry(vaddr, ht);
2447 2449 hat_pte_unmap(ht, entry, flags, old_pte, NULL, B_FALSE);
2448 2450 ASSERT(ht->ht_level <= mmu.max_page_level);
2449 2451 vaddr += LEVEL_SIZE(ht->ht_level);
2450 2452 contig_va = vaddr;
2451 2453 ++r[r_cnt - 1].rng_cnt;
2452 2454 }
2453 2455 if (ht)
2454 2456 htable_release(ht);
|
↓ open down ↓ |
2040 lines elided |
↑ open up ↑ |
2455 2457
2456 2458 /*
2457 2459 * handle last range for callbacks
2458 2460 */
2459 2461 if (r_cnt > 0)
2460 2462 handle_ranges(hat, cb, r_cnt, r);
2461 2463 XPV_ALLOW_MIGRATE();
2462 2464 }
2463 2465
2464 2466 /*
2465 - * Invalidate a virtual address translation on a slave CPU during
2466 - * panic() dumps.
2467 + * Flush the TLB for the local CPU
2468 + * Invoked from a slave CPU during panic() dumps.
2467 2469 */
2468 2470 void
2469 -hat_flush_range(hat_t *hat, caddr_t va, size_t size)
2471 +hat_flush(void)
2470 2472 {
2471 - ssize_t sz;
2472 - caddr_t endva = va + size;
2473 -
2474 - while (va < endva) {
2475 - sz = hat_getpagesize(hat, va);
2476 - if (sz < 0) {
2477 2473 #ifdef __xpv
2478 2474 xen_flush_tlb();
2479 2475 #else
2480 2476 flush_all_tlb_entries();
2481 2477 #endif
2482 - break;
2483 - }
2484 -#ifdef __xpv
2485 - xen_flush_va(va);
2486 -#else
2487 - mmu_tlbflush_entry(va);
2488 -#endif
2489 - va += sz;
2490 - }
2491 2478 }
2492 2479
2493 2480 /*
2494 2481 * synchronize mapping with software data structures
2495 2482 *
2496 2483 * This interface is currently only used by the working set monitor
2497 2484 * driver.
2498 2485 */
2499 2486 /*ARGSUSED*/
2500 2487 void
2501 2488 hat_sync(hat_t *hat, caddr_t addr, size_t len, uint_t flags)
2502 2489 {
2503 2490 uintptr_t vaddr = (uintptr_t)addr;
2504 2491 uintptr_t eaddr = vaddr + len;
2505 2492 htable_t *ht = NULL;
2506 2493 uint_t entry;
2507 2494 x86pte_t pte;
2508 2495 x86pte_t save_pte;
2509 2496 x86pte_t new;
2510 2497 page_t *pp;
2511 2498
2512 2499 ASSERT(!IN_VA_HOLE(vaddr));
2513 2500 ASSERT(IS_PAGEALIGNED(vaddr));
2514 2501 ASSERT(IS_PAGEALIGNED(eaddr));
2515 2502 ASSERT(hat == kas.a_hat || eaddr <= _userlimit);
2516 2503
2517 2504 XPV_DISALLOW_MIGRATE();
2518 2505 for (; vaddr < eaddr; vaddr += LEVEL_SIZE(ht->ht_level)) {
2519 2506 try_again:
2520 2507 pte = htable_walk(hat, &ht, &vaddr, eaddr);
2521 2508 if (ht == NULL)
2522 2509 break;
2523 2510 entry = htable_va2entry(vaddr, ht);
2524 2511
2525 2512 if (PTE_GET(pte, PT_SOFTWARE) >= PT_NOSYNC ||
2526 2513 PTE_GET(pte, PT_REF | PT_MOD) == 0)
2527 2514 continue;
2528 2515
2529 2516 /*
2530 2517 * We need to acquire the mapping list lock to protect
2531 2518 * against hat_pageunload(), hat_unload(), etc.
2532 2519 */
2533 2520 pp = page_numtopp_nolock(PTE2PFN(pte, ht->ht_level));
2534 2521 if (pp == NULL)
2535 2522 break;
2536 2523 x86_hm_enter(pp);
2537 2524 save_pte = pte;
2538 2525 pte = x86pte_get(ht, entry);
2539 2526 if (pte != save_pte) {
2540 2527 x86_hm_exit(pp);
2541 2528 goto try_again;
2542 2529 }
2543 2530 if (PTE_GET(pte, PT_SOFTWARE) >= PT_NOSYNC ||
2544 2531 PTE_GET(pte, PT_REF | PT_MOD) == 0) {
2545 2532 x86_hm_exit(pp);
2546 2533 continue;
2547 2534 }
2548 2535
2549 2536 /*
2550 2537 * Need to clear ref or mod bits. We may compete with
2551 2538 * hardware updating the R/M bits and have to try again.
2552 2539 */
2553 2540 if (flags == HAT_SYNC_ZERORM) {
2554 2541 new = pte;
2555 2542 PTE_CLR(new, PT_REF | PT_MOD);
2556 2543 pte = hati_update_pte(ht, entry, pte, new);
2557 2544 if (pte != 0) {
2558 2545 x86_hm_exit(pp);
2559 2546 goto try_again;
2560 2547 }
2561 2548 } else {
2562 2549 /*
2563 2550 * sync the PTE to the page_t
2564 2551 */
2565 2552 hati_sync_pte_to_page(pp, save_pte, ht->ht_level);
2566 2553 }
2567 2554 x86_hm_exit(pp);
2568 2555 }
2569 2556 if (ht)
2570 2557 htable_release(ht);
2571 2558 XPV_ALLOW_MIGRATE();
2572 2559 }
2573 2560
2574 2561 /*
2575 2562 * void hat_map(hat, addr, len, flags)
2576 2563 */
2577 2564 /*ARGSUSED*/
2578 2565 void
2579 2566 hat_map(hat_t *hat, caddr_t addr, size_t len, uint_t flags)
2580 2567 {
2581 2568 /* does nothing */
2582 2569 }
2583 2570
2584 2571 /*
2585 2572 * uint_t hat_getattr(hat, addr, *attr)
2586 2573 * returns attr for <hat,addr> in *attr. returns 0 if there was a
2587 2574 * mapping and *attr is valid, nonzero if there was no mapping and
2588 2575 * *attr is not valid.
2589 2576 */
2590 2577 uint_t
2591 2578 hat_getattr(hat_t *hat, caddr_t addr, uint_t *attr)
2592 2579 {
2593 2580 uintptr_t vaddr = ALIGN2PAGE(addr);
2594 2581 htable_t *ht = NULL;
2595 2582 x86pte_t pte;
2596 2583
2597 2584 ASSERT(hat == kas.a_hat || vaddr <= _userlimit);
2598 2585
2599 2586 if (IN_VA_HOLE(vaddr))
2600 2587 return ((uint_t)-1);
2601 2588
2602 2589 ht = htable_getpte(hat, vaddr, NULL, &pte, mmu.max_page_level);
2603 2590 if (ht == NULL)
2604 2591 return ((uint_t)-1);
2605 2592
2606 2593 if (!PTE_ISVALID(pte) || !PTE_ISPAGE(pte, ht->ht_level)) {
2607 2594 htable_release(ht);
2608 2595 return ((uint_t)-1);
2609 2596 }
2610 2597
2611 2598 *attr = PROT_READ;
2612 2599 if (PTE_GET(pte, PT_WRITABLE))
2613 2600 *attr |= PROT_WRITE;
2614 2601 if (PTE_GET(pte, PT_USER))
2615 2602 *attr |= PROT_USER;
2616 2603 if (!PTE_GET(pte, mmu.pt_nx))
2617 2604 *attr |= PROT_EXEC;
2618 2605 if (PTE_GET(pte, PT_SOFTWARE) >= PT_NOSYNC)
2619 2606 *attr |= HAT_NOSYNC;
2620 2607 htable_release(ht);
2621 2608 return (0);
2622 2609 }
2623 2610
2624 2611 /*
2625 2612 * hat_updateattr() applies the given attribute change to an existing mapping
2626 2613 */
2627 2614 #define HAT_LOAD_ATTR 1
2628 2615 #define HAT_SET_ATTR 2
2629 2616 #define HAT_CLR_ATTR 3
2630 2617
2631 2618 static void
2632 2619 hat_updateattr(hat_t *hat, caddr_t addr, size_t len, uint_t attr, int what)
2633 2620 {
2634 2621 uintptr_t vaddr = (uintptr_t)addr;
2635 2622 uintptr_t eaddr = (uintptr_t)addr + len;
2636 2623 htable_t *ht = NULL;
2637 2624 uint_t entry;
2638 2625 x86pte_t oldpte, newpte;
2639 2626 page_t *pp;
2640 2627
2641 2628 XPV_DISALLOW_MIGRATE();
2642 2629 ASSERT(IS_PAGEALIGNED(vaddr));
2643 2630 ASSERT(IS_PAGEALIGNED(eaddr));
2644 2631 ASSERT(hat == kas.a_hat || AS_LOCK_HELD(hat->hat_as));
2645 2632 for (; vaddr < eaddr; vaddr += LEVEL_SIZE(ht->ht_level)) {
2646 2633 try_again:
2647 2634 oldpte = htable_walk(hat, &ht, &vaddr, eaddr);
2648 2635 if (ht == NULL)
2649 2636 break;
2650 2637 if (PTE_GET(oldpte, PT_SOFTWARE) >= PT_NOCONSIST)
2651 2638 continue;
2652 2639
2653 2640 pp = page_numtopp_nolock(PTE2PFN(oldpte, ht->ht_level));
2654 2641 if (pp == NULL)
2655 2642 continue;
2656 2643 x86_hm_enter(pp);
2657 2644
2658 2645 newpte = oldpte;
2659 2646 /*
2660 2647 * We found a page table entry in the desired range,
2661 2648 * figure out the new attributes.
2662 2649 */
2663 2650 if (what == HAT_SET_ATTR || what == HAT_LOAD_ATTR) {
2664 2651 if ((attr & PROT_WRITE) &&
2665 2652 !PTE_GET(oldpte, PT_WRITABLE))
2666 2653 newpte |= PT_WRITABLE;
2667 2654
2668 2655 if ((attr & HAT_NOSYNC) &&
2669 2656 PTE_GET(oldpte, PT_SOFTWARE) < PT_NOSYNC)
2670 2657 newpte |= PT_NOSYNC;
2671 2658
2672 2659 if ((attr & PROT_EXEC) && PTE_GET(oldpte, mmu.pt_nx))
2673 2660 newpte &= ~mmu.pt_nx;
2674 2661 }
2675 2662
2676 2663 if (what == HAT_LOAD_ATTR) {
2677 2664 if (!(attr & PROT_WRITE) &&
2678 2665 PTE_GET(oldpte, PT_WRITABLE))
2679 2666 newpte &= ~PT_WRITABLE;
2680 2667
2681 2668 if (!(attr & HAT_NOSYNC) &&
2682 2669 PTE_GET(oldpte, PT_SOFTWARE) >= PT_NOSYNC)
2683 2670 newpte &= ~PT_SOFTWARE;
2684 2671
2685 2672 if (!(attr & PROT_EXEC) && !PTE_GET(oldpte, mmu.pt_nx))
2686 2673 newpte |= mmu.pt_nx;
2687 2674 }
2688 2675
2689 2676 if (what == HAT_CLR_ATTR) {
2690 2677 if ((attr & PROT_WRITE) && PTE_GET(oldpte, PT_WRITABLE))
2691 2678 newpte &= ~PT_WRITABLE;
2692 2679
2693 2680 if ((attr & HAT_NOSYNC) &&
2694 2681 PTE_GET(oldpte, PT_SOFTWARE) >= PT_NOSYNC)
2695 2682 newpte &= ~PT_SOFTWARE;
2696 2683
2697 2684 if ((attr & PROT_EXEC) && !PTE_GET(oldpte, mmu.pt_nx))
2698 2685 newpte |= mmu.pt_nx;
2699 2686 }
2700 2687
2701 2688 /*
2702 2689 * Ensure NOSYNC/NOCONSIST mappings have REF and MOD set.
2703 2690 * x86pte_set() depends on this.
2704 2691 */
2705 2692 if (PTE_GET(newpte, PT_SOFTWARE) >= PT_NOSYNC)
2706 2693 newpte |= PT_REF | PT_MOD;
2707 2694
2708 2695 /*
2709 2696 * what about PROT_READ or others? this code only handles:
2710 2697 * EXEC, WRITE, NOSYNC
2711 2698 */
2712 2699
2713 2700 /*
2714 2701 * If new PTE really changed, update the table.
2715 2702 */
2716 2703 if (newpte != oldpte) {
2717 2704 entry = htable_va2entry(vaddr, ht);
2718 2705 oldpte = hati_update_pte(ht, entry, oldpte, newpte);
2719 2706 if (oldpte != 0) {
2720 2707 x86_hm_exit(pp);
2721 2708 goto try_again;
2722 2709 }
2723 2710 }
2724 2711 x86_hm_exit(pp);
2725 2712 }
2726 2713 if (ht)
2727 2714 htable_release(ht);
2728 2715 XPV_ALLOW_MIGRATE();
2729 2716 }
2730 2717
2731 2718 /*
2732 2719 * Various wrappers for hat_updateattr()
2733 2720 */
2734 2721 void
2735 2722 hat_setattr(hat_t *hat, caddr_t addr, size_t len, uint_t attr)
2736 2723 {
2737 2724 ASSERT(hat == kas.a_hat || (uintptr_t)addr + len <= _userlimit);
2738 2725 hat_updateattr(hat, addr, len, attr, HAT_SET_ATTR);
2739 2726 }
2740 2727
2741 2728 void
2742 2729 hat_clrattr(hat_t *hat, caddr_t addr, size_t len, uint_t attr)
2743 2730 {
2744 2731 ASSERT(hat == kas.a_hat || (uintptr_t)addr + len <= _userlimit);
2745 2732 hat_updateattr(hat, addr, len, attr, HAT_CLR_ATTR);
2746 2733 }
2747 2734
2748 2735 void
2749 2736 hat_chgattr(hat_t *hat, caddr_t addr, size_t len, uint_t attr)
2750 2737 {
2751 2738 ASSERT(hat == kas.a_hat || (uintptr_t)addr + len <= _userlimit);
2752 2739 hat_updateattr(hat, addr, len, attr, HAT_LOAD_ATTR);
2753 2740 }
2754 2741
2755 2742 void
2756 2743 hat_chgprot(hat_t *hat, caddr_t addr, size_t len, uint_t vprot)
2757 2744 {
2758 2745 ASSERT(hat == kas.a_hat || (uintptr_t)addr + len <= _userlimit);
2759 2746 hat_updateattr(hat, addr, len, vprot & HAT_PROT_MASK, HAT_LOAD_ATTR);
2760 2747 }
2761 2748
2762 2749 /*
2763 2750 * size_t hat_getpagesize(hat, addr)
2764 2751 * returns pagesize in bytes for <hat, addr>. returns -1 of there is
2765 2752 * no mapping. This is an advisory call.
2766 2753 */
2767 2754 ssize_t
2768 2755 hat_getpagesize(hat_t *hat, caddr_t addr)
2769 2756 {
2770 2757 uintptr_t vaddr = ALIGN2PAGE(addr);
2771 2758 htable_t *ht;
2772 2759 size_t pagesize;
2773 2760
2774 2761 ASSERT(hat == kas.a_hat || vaddr <= _userlimit);
2775 2762 if (IN_VA_HOLE(vaddr))
2776 2763 return (-1);
2777 2764 ht = htable_getpage(hat, vaddr, NULL);
2778 2765 if (ht == NULL)
2779 2766 return (-1);
2780 2767 pagesize = LEVEL_SIZE(ht->ht_level);
2781 2768 htable_release(ht);
2782 2769 return (pagesize);
2783 2770 }
2784 2771
2785 2772
2786 2773
2787 2774 /*
2788 2775 * pfn_t hat_getpfnum(hat, addr)
2789 2776 * returns pfn for <hat, addr> or PFN_INVALID if mapping is invalid.
2790 2777 */
2791 2778 pfn_t
2792 2779 hat_getpfnum(hat_t *hat, caddr_t addr)
2793 2780 {
2794 2781 uintptr_t vaddr = ALIGN2PAGE(addr);
2795 2782 htable_t *ht;
2796 2783 uint_t entry;
2797 2784 pfn_t pfn = PFN_INVALID;
2798 2785
2799 2786 ASSERT(hat == kas.a_hat || vaddr <= _userlimit);
2800 2787 if (khat_running == 0)
2801 2788 return (PFN_INVALID);
2802 2789
2803 2790 if (IN_VA_HOLE(vaddr))
2804 2791 return (PFN_INVALID);
2805 2792
2806 2793 XPV_DISALLOW_MIGRATE();
2807 2794 /*
2808 2795 * A very common use of hat_getpfnum() is from the DDI for kernel pages.
2809 2796 * Use the kmap_ptes (which also covers the 32 bit heap) to speed
2810 2797 * this up.
2811 2798 */
2812 2799 if (mmu.kmap_addr <= vaddr && vaddr < mmu.kmap_eaddr) {
2813 2800 x86pte_t pte;
2814 2801 pgcnt_t pg_index;
2815 2802
2816 2803 pg_index = mmu_btop(vaddr - mmu.kmap_addr);
2817 2804 pte = GET_PTE(PT_INDEX_PTR(mmu.kmap_ptes, pg_index));
2818 2805 if (PTE_ISVALID(pte))
2819 2806 /*LINTED [use of constant 0 causes a lint warning] */
2820 2807 pfn = PTE2PFN(pte, 0);
2821 2808 XPV_ALLOW_MIGRATE();
2822 2809 return (pfn);
2823 2810 }
2824 2811
2825 2812 ht = htable_getpage(hat, vaddr, &entry);
2826 2813 if (ht == NULL) {
2827 2814 XPV_ALLOW_MIGRATE();
2828 2815 return (PFN_INVALID);
2829 2816 }
2830 2817 ASSERT(vaddr >= ht->ht_vaddr);
2831 2818 ASSERT(vaddr <= HTABLE_LAST_PAGE(ht));
2832 2819 pfn = PTE2PFN(x86pte_get(ht, entry), ht->ht_level);
2833 2820 if (ht->ht_level > 0)
2834 2821 pfn += mmu_btop(vaddr & LEVEL_OFFSET(ht->ht_level));
2835 2822 htable_release(ht);
2836 2823 XPV_ALLOW_MIGRATE();
2837 2824 return (pfn);
2838 2825 }
2839 2826
2840 2827 /*
2841 2828 * int hat_probe(hat, addr)
2842 2829 * return 0 if no valid mapping is present. Faster version
2843 2830 * of hat_getattr in certain architectures.
2844 2831 */
2845 2832 int
2846 2833 hat_probe(hat_t *hat, caddr_t addr)
2847 2834 {
2848 2835 uintptr_t vaddr = ALIGN2PAGE(addr);
2849 2836 uint_t entry;
2850 2837 htable_t *ht;
2851 2838 pgcnt_t pg_off;
2852 2839
2853 2840 ASSERT(hat == kas.a_hat || vaddr <= _userlimit);
2854 2841 ASSERT(hat == kas.a_hat || AS_LOCK_HELD(hat->hat_as));
2855 2842 if (IN_VA_HOLE(vaddr))
2856 2843 return (0);
2857 2844
2858 2845 /*
2859 2846 * Most common use of hat_probe is from segmap. We special case it
2860 2847 * for performance.
2861 2848 */
2862 2849 if (mmu.kmap_addr <= vaddr && vaddr < mmu.kmap_eaddr) {
2863 2850 pg_off = mmu_btop(vaddr - mmu.kmap_addr);
2864 2851 if (mmu.pae_hat)
2865 2852 return (PTE_ISVALID(mmu.kmap_ptes[pg_off]));
2866 2853 else
2867 2854 return (PTE_ISVALID(
2868 2855 ((x86pte32_t *)mmu.kmap_ptes)[pg_off]));
2869 2856 }
2870 2857
2871 2858 ht = htable_getpage(hat, vaddr, &entry);
2872 2859 htable_release(ht);
2873 2860 return (ht != NULL);
2874 2861 }
2875 2862
2876 2863 /*
2877 2864 * Find out if the segment for hat_share()/hat_unshare() is DISM or locked ISM.
2878 2865 */
2879 2866 static int
2880 2867 is_it_dism(hat_t *hat, caddr_t va)
2881 2868 {
2882 2869 struct seg *seg;
2883 2870 struct shm_data *shmd;
2884 2871 struct spt_data *sptd;
2885 2872
2886 2873 seg = as_findseg(hat->hat_as, va, 0);
2887 2874 ASSERT(seg != NULL);
2888 2875 ASSERT(seg->s_base <= va);
2889 2876 shmd = (struct shm_data *)seg->s_data;
2890 2877 ASSERT(shmd != NULL);
2891 2878 sptd = (struct spt_data *)shmd->shm_sptseg->s_data;
2892 2879 ASSERT(sptd != NULL);
2893 2880 if (sptd->spt_flags & SHM_PAGEABLE)
2894 2881 return (1);
2895 2882 return (0);
2896 2883 }
2897 2884
2898 2885 /*
2899 2886 * Simple implementation of ISM. hat_share() is similar to hat_memload_array(),
2900 2887 * except that we use the ism_hat's existing mappings to determine the pages
2901 2888 * and protections to use for this hat. If we find a full properly aligned
2902 2889 * and sized pagetable, we will attempt to share the pagetable itself.
2903 2890 */
2904 2891 /*ARGSUSED*/
2905 2892 int
2906 2893 hat_share(
2907 2894 hat_t *hat,
2908 2895 caddr_t addr,
2909 2896 hat_t *ism_hat,
2910 2897 caddr_t src_addr,
2911 2898 size_t len, /* almost useless value, see below.. */
2912 2899 uint_t ismszc)
2913 2900 {
2914 2901 uintptr_t vaddr_start = (uintptr_t)addr;
2915 2902 uintptr_t vaddr;
2916 2903 uintptr_t eaddr = vaddr_start + len;
2917 2904 uintptr_t ism_addr_start = (uintptr_t)src_addr;
2918 2905 uintptr_t ism_addr = ism_addr_start;
2919 2906 uintptr_t e_ism_addr = ism_addr + len;
2920 2907 htable_t *ism_ht = NULL;
2921 2908 htable_t *ht;
2922 2909 x86pte_t pte;
2923 2910 page_t *pp;
2924 2911 pfn_t pfn;
2925 2912 level_t l;
2926 2913 pgcnt_t pgcnt;
2927 2914 uint_t prot;
2928 2915 int is_dism;
2929 2916 int flags;
2930 2917
2931 2918 /*
2932 2919 * We might be asked to share an empty DISM hat by as_dup()
2933 2920 */
2934 2921 ASSERT(hat != kas.a_hat);
2935 2922 ASSERT(eaddr <= _userlimit);
2936 2923 if (!(ism_hat->hat_flags & HAT_SHARED)) {
2937 2924 ASSERT(hat_get_mapped_size(ism_hat) == 0);
2938 2925 return (0);
2939 2926 }
2940 2927 XPV_DISALLOW_MIGRATE();
2941 2928
2942 2929 /*
2943 2930 * The SPT segment driver often passes us a size larger than there are
2944 2931 * valid mappings. That's because it rounds the segment size up to a
2945 2932 * large pagesize, even if the actual memory mapped by ism_hat is less.
2946 2933 */
2947 2934 ASSERT(IS_PAGEALIGNED(vaddr_start));
2948 2935 ASSERT(IS_PAGEALIGNED(ism_addr_start));
2949 2936 ASSERT(ism_hat->hat_flags & HAT_SHARED);
2950 2937 is_dism = is_it_dism(hat, addr);
2951 2938 while (ism_addr < e_ism_addr) {
2952 2939 /*
2953 2940 * use htable_walk to get the next valid ISM mapping
2954 2941 */
2955 2942 pte = htable_walk(ism_hat, &ism_ht, &ism_addr, e_ism_addr);
2956 2943 if (ism_ht == NULL)
2957 2944 break;
2958 2945
2959 2946 /*
2960 2947 * First check to see if we already share the page table.
2961 2948 */
2962 2949 l = ism_ht->ht_level;
2963 2950 vaddr = vaddr_start + (ism_addr - ism_addr_start);
2964 2951 ht = htable_lookup(hat, vaddr, l);
2965 2952 if (ht != NULL) {
2966 2953 if (ht->ht_flags & HTABLE_SHARED_PFN)
2967 2954 goto shared;
2968 2955 htable_release(ht);
2969 2956 goto not_shared;
2970 2957 }
2971 2958
2972 2959 /*
2973 2960 * Can't ever share top table.
2974 2961 */
2975 2962 if (l == mmu.max_level)
2976 2963 goto not_shared;
2977 2964
2978 2965 /*
2979 2966 * Avoid level mismatches later due to DISM faults.
2980 2967 */
2981 2968 if (is_dism && l > 0)
2982 2969 goto not_shared;
2983 2970
2984 2971 /*
2985 2972 * addresses and lengths must align
2986 2973 * table must be fully populated
2987 2974 * no lower level page tables
2988 2975 */
2989 2976 if (ism_addr != ism_ht->ht_vaddr ||
2990 2977 (vaddr & LEVEL_OFFSET(l + 1)) != 0)
2991 2978 goto not_shared;
2992 2979
2993 2980 /*
2994 2981 * The range of address space must cover a full table.
2995 2982 */
2996 2983 if (e_ism_addr - ism_addr < LEVEL_SIZE(l + 1))
2997 2984 goto not_shared;
2998 2985
2999 2986 /*
3000 2987 * All entries in the ISM page table must be leaf PTEs.
3001 2988 */
3002 2989 if (l > 0) {
3003 2990 int e;
3004 2991
3005 2992 /*
3006 2993 * We know the 0th is from htable_walk() above.
3007 2994 */
3008 2995 for (e = 1; e < HTABLE_NUM_PTES(ism_ht); ++e) {
3009 2996 x86pte_t pte;
3010 2997 pte = x86pte_get(ism_ht, e);
3011 2998 if (!PTE_ISPAGE(pte, l))
3012 2999 goto not_shared;
3013 3000 }
3014 3001 }
3015 3002
3016 3003 /*
3017 3004 * share the page table
3018 3005 */
3019 3006 ht = htable_create(hat, vaddr, l, ism_ht);
3020 3007 shared:
3021 3008 ASSERT(ht->ht_flags & HTABLE_SHARED_PFN);
3022 3009 ASSERT(ht->ht_shares == ism_ht);
3023 3010 hat->hat_ism_pgcnt +=
3024 3011 (ism_ht->ht_valid_cnt - ht->ht_valid_cnt) <<
3025 3012 (LEVEL_SHIFT(ht->ht_level) - MMU_PAGESHIFT);
3026 3013 ht->ht_valid_cnt = ism_ht->ht_valid_cnt;
3027 3014 htable_release(ht);
3028 3015 ism_addr = ism_ht->ht_vaddr + LEVEL_SIZE(l + 1);
3029 3016 htable_release(ism_ht);
3030 3017 ism_ht = NULL;
3031 3018 continue;
3032 3019
3033 3020 not_shared:
3034 3021 /*
3035 3022 * Unable to share the page table. Instead we will
3036 3023 * create new mappings from the values in the ISM mappings.
3037 3024 * Figure out what level size mappings to use;
3038 3025 */
3039 3026 for (l = ism_ht->ht_level; l > 0; --l) {
3040 3027 if (LEVEL_SIZE(l) <= eaddr - vaddr &&
3041 3028 (vaddr & LEVEL_OFFSET(l)) == 0)
3042 3029 break;
3043 3030 }
3044 3031
3045 3032 /*
3046 3033 * The ISM mapping might be larger than the share area,
3047 3034 * be careful to truncate it if needed.
3048 3035 */
3049 3036 if (eaddr - vaddr >= LEVEL_SIZE(ism_ht->ht_level)) {
3050 3037 pgcnt = mmu_btop(LEVEL_SIZE(ism_ht->ht_level));
3051 3038 } else {
3052 3039 pgcnt = mmu_btop(eaddr - vaddr);
3053 3040 l = 0;
3054 3041 }
3055 3042
3056 3043 pfn = PTE2PFN(pte, ism_ht->ht_level);
3057 3044 ASSERT(pfn != PFN_INVALID);
3058 3045 while (pgcnt > 0) {
3059 3046 /*
3060 3047 * Make a new pte for the PFN for this level.
3061 3048 * Copy protections for the pte from the ISM pte.
3062 3049 */
3063 3050 pp = page_numtopp_nolock(pfn);
3064 3051 ASSERT(pp != NULL);
3065 3052
3066 3053 prot = PROT_USER | PROT_READ | HAT_UNORDERED_OK;
3067 3054 if (PTE_GET(pte, PT_WRITABLE))
3068 3055 prot |= PROT_WRITE;
3069 3056 if (!PTE_GET(pte, PT_NX))
3070 3057 prot |= PROT_EXEC;
3071 3058
3072 3059 flags = HAT_LOAD;
3073 3060 if (!is_dism)
3074 3061 flags |= HAT_LOAD_LOCK | HAT_LOAD_NOCONSIST;
3075 3062 while (hati_load_common(hat, vaddr, pp, prot, flags,
3076 3063 l, pfn) != 0) {
3077 3064 if (l == 0)
3078 3065 panic("hati_load_common() failure");
3079 3066 --l;
3080 3067 }
3081 3068
3082 3069 vaddr += LEVEL_SIZE(l);
3083 3070 ism_addr += LEVEL_SIZE(l);
3084 3071 pfn += mmu_btop(LEVEL_SIZE(l));
3085 3072 pgcnt -= mmu_btop(LEVEL_SIZE(l));
3086 3073 }
3087 3074 }
3088 3075 if (ism_ht != NULL)
3089 3076 htable_release(ism_ht);
3090 3077 XPV_ALLOW_MIGRATE();
3091 3078 return (0);
3092 3079 }
3093 3080
3094 3081
3095 3082 /*
3096 3083 * hat_unshare() is similar to hat_unload_callback(), but
3097 3084 * we have to look for empty shared pagetables. Note that
3098 3085 * hat_unshare() is always invoked against an entire segment.
3099 3086 */
3100 3087 /*ARGSUSED*/
3101 3088 void
3102 3089 hat_unshare(hat_t *hat, caddr_t addr, size_t len, uint_t ismszc)
3103 3090 {
3104 3091 uint64_t vaddr = (uintptr_t)addr;
3105 3092 uintptr_t eaddr = vaddr + len;
3106 3093 htable_t *ht = NULL;
3107 3094 uint_t need_demaps = 0;
3108 3095 int flags = HAT_UNLOAD_UNMAP;
3109 3096 level_t l;
3110 3097
3111 3098 ASSERT(hat != kas.a_hat);
3112 3099 ASSERT(eaddr <= _userlimit);
3113 3100 ASSERT(IS_PAGEALIGNED(vaddr));
3114 3101 ASSERT(IS_PAGEALIGNED(eaddr));
3115 3102 XPV_DISALLOW_MIGRATE();
3116 3103
3117 3104 /*
3118 3105 * First go through and remove any shared pagetables.
3119 3106 *
3120 3107 * Note that it's ok to delay the TLB shootdown till the entire range is
3121 3108 * finished, because if hat_pageunload() were to unload a shared
3122 3109 * pagetable page, its hat_tlb_inval() will do a global TLB invalidate.
3123 3110 */
3124 3111 l = mmu.max_page_level;
3125 3112 if (l == mmu.max_level)
3126 3113 --l;
3127 3114 for (; l >= 0; --l) {
3128 3115 for (vaddr = (uintptr_t)addr; vaddr < eaddr;
3129 3116 vaddr = (vaddr & LEVEL_MASK(l + 1)) + LEVEL_SIZE(l + 1)) {
3130 3117 ASSERT(!IN_VA_HOLE(vaddr));
3131 3118 /*
3132 3119 * find a pagetable that maps the current address
3133 3120 */
3134 3121 ht = htable_lookup(hat, vaddr, l);
3135 3122 if (ht == NULL)
3136 3123 continue;
3137 3124 if (ht->ht_flags & HTABLE_SHARED_PFN) {
3138 3125 /*
3139 3126 * clear page count, set valid_cnt to 0,
3140 3127 * let htable_release() finish the job
3141 3128 */
3142 3129 hat->hat_ism_pgcnt -= ht->ht_valid_cnt <<
3143 3130 (LEVEL_SHIFT(ht->ht_level) - MMU_PAGESHIFT);
3144 3131 ht->ht_valid_cnt = 0;
3145 3132 need_demaps = 1;
3146 3133 }
3147 3134 htable_release(ht);
3148 3135 }
3149 3136 }
3150 3137
3151 3138 /*
3152 3139 * flush the TLBs - since we're probably dealing with MANY mappings
3153 3140 * we do just one CR3 reload.
3154 3141 */
3155 3142 if (!(hat->hat_flags & HAT_FREEING) && need_demaps)
3156 3143 hat_tlb_inval(hat, DEMAP_ALL_ADDR);
3157 3144
3158 3145 /*
3159 3146 * Now go back and clean up any unaligned mappings that
3160 3147 * couldn't share pagetables.
3161 3148 */
3162 3149 if (!is_it_dism(hat, addr))
3163 3150 flags |= HAT_UNLOAD_UNLOCK;
3164 3151 hat_unload(hat, addr, len, flags);
3165 3152 XPV_ALLOW_MIGRATE();
3166 3153 }
3167 3154
3168 3155
3169 3156 /*
3170 3157 * hat_reserve() does nothing
3171 3158 */
3172 3159 /*ARGSUSED*/
3173 3160 void
3174 3161 hat_reserve(struct as *as, caddr_t addr, size_t len)
3175 3162 {
3176 3163 }
3177 3164
3178 3165
3179 3166 /*
3180 3167 * Called when all mappings to a page should have write permission removed.
3181 3168 * Mostly stolen from hat_pagesync()
3182 3169 */
3183 3170 static void
3184 3171 hati_page_clrwrt(struct page *pp)
3185 3172 {
3186 3173 hment_t *hm = NULL;
3187 3174 htable_t *ht;
3188 3175 uint_t entry;
3189 3176 x86pte_t old;
3190 3177 x86pte_t new;
3191 3178 uint_t pszc = 0;
3192 3179
3193 3180 XPV_DISALLOW_MIGRATE();
3194 3181 next_size:
3195 3182 /*
3196 3183 * walk thru the mapping list clearing write permission
3197 3184 */
3198 3185 x86_hm_enter(pp);
3199 3186 while ((hm = hment_walk(pp, &ht, &entry, hm)) != NULL) {
3200 3187 if (ht->ht_level < pszc)
3201 3188 continue;
3202 3189 old = x86pte_get(ht, entry);
3203 3190
3204 3191 for (;;) {
3205 3192 /*
3206 3193 * Is this mapping of interest?
3207 3194 */
3208 3195 if (PTE2PFN(old, ht->ht_level) != pp->p_pagenum ||
3209 3196 PTE_GET(old, PT_WRITABLE) == 0)
3210 3197 break;
3211 3198
3212 3199 /*
3213 3200 * Clear ref/mod writable bits. This requires cross
3214 3201 * calls to ensure any executing TLBs see cleared bits.
3215 3202 */
3216 3203 new = old;
3217 3204 PTE_CLR(new, PT_REF | PT_MOD | PT_WRITABLE);
3218 3205 old = hati_update_pte(ht, entry, old, new);
3219 3206 if (old != 0)
3220 3207 continue;
3221 3208
3222 3209 break;
3223 3210 }
3224 3211 }
3225 3212 x86_hm_exit(pp);
3226 3213 while (pszc < pp->p_szc) {
3227 3214 page_t *tpp;
3228 3215 pszc++;
3229 3216 tpp = PP_GROUPLEADER(pp, pszc);
3230 3217 if (pp != tpp) {
3231 3218 pp = tpp;
3232 3219 goto next_size;
3233 3220 }
3234 3221 }
3235 3222 XPV_ALLOW_MIGRATE();
3236 3223 }
3237 3224
3238 3225 /*
3239 3226 * void hat_page_setattr(pp, flag)
3240 3227 * void hat_page_clrattr(pp, flag)
3241 3228 * used to set/clr ref/mod bits.
3242 3229 */
3243 3230 void
3244 3231 hat_page_setattr(struct page *pp, uint_t flag)
3245 3232 {
3246 3233 vnode_t *vp = pp->p_vnode;
3247 3234 kmutex_t *vphm = NULL;
3248 3235 page_t **listp;
3249 3236 int noshuffle;
3250 3237
3251 3238 noshuffle = flag & P_NSH;
3252 3239 flag &= ~P_NSH;
3253 3240
3254 3241 if (PP_GETRM(pp, flag) == flag)
3255 3242 return;
3256 3243
3257 3244 if ((flag & P_MOD) != 0 && vp != NULL && IS_VMODSORT(vp) &&
3258 3245 !noshuffle) {
3259 3246 vphm = page_vnode_mutex(vp);
3260 3247 mutex_enter(vphm);
3261 3248 }
3262 3249
3263 3250 PP_SETRM(pp, flag);
3264 3251
3265 3252 if (vphm != NULL) {
3266 3253
3267 3254 /*
3268 3255 * Some File Systems examine v_pages for NULL w/o
3269 3256 * grabbing the vphm mutex. Must not let it become NULL when
3270 3257 * pp is the only page on the list.
3271 3258 */
3272 3259 if (pp->p_vpnext != pp) {
3273 3260 page_vpsub(&vp->v_pages, pp);
3274 3261 if (vp->v_pages != NULL)
3275 3262 listp = &vp->v_pages->p_vpprev->p_vpnext;
3276 3263 else
3277 3264 listp = &vp->v_pages;
3278 3265 page_vpadd(listp, pp);
3279 3266 }
3280 3267 mutex_exit(vphm);
3281 3268 }
3282 3269 }
3283 3270
3284 3271 void
3285 3272 hat_page_clrattr(struct page *pp, uint_t flag)
3286 3273 {
3287 3274 vnode_t *vp = pp->p_vnode;
3288 3275 ASSERT(!(flag & ~(P_MOD | P_REF | P_RO)));
3289 3276
3290 3277 /*
3291 3278 * Caller is expected to hold page's io lock for VMODSORT to work
3292 3279 * correctly with pvn_vplist_dirty() and pvn_getdirty() when mod
3293 3280 * bit is cleared.
3294 3281 * We don't have assert to avoid tripping some existing third party
3295 3282 * code. The dirty page is moved back to top of the v_page list
3296 3283 * after IO is done in pvn_write_done().
3297 3284 */
3298 3285 PP_CLRRM(pp, flag);
3299 3286
3300 3287 if ((flag & P_MOD) != 0 && vp != NULL && IS_VMODSORT(vp)) {
3301 3288
3302 3289 /*
3303 3290 * VMODSORT works by removing write permissions and getting
3304 3291 * a fault when a page is made dirty. At this point
3305 3292 * we need to remove write permission from all mappings
3306 3293 * to this page.
3307 3294 */
3308 3295 hati_page_clrwrt(pp);
3309 3296 }
3310 3297 }
3311 3298
3312 3299 /*
3313 3300 * If flag is specified, returns 0 if attribute is disabled
|
↓ open down ↓ |
813 lines elided |
↑ open up ↑ |
3314 3301 * and non zero if enabled. If flag specifes multiple attributes
3315 3302 * then returns 0 if ALL attributes are disabled. This is an advisory
3316 3303 * call.
3317 3304 */
3318 3305 uint_t
3319 3306 hat_page_getattr(struct page *pp, uint_t flag)
3320 3307 {
3321 3308 return (PP_GETRM(pp, flag));
3322 3309 }
3323 3310
3324 -
3325 3311 /*
3326 3312 * common code used by hat_pageunload() and hment_steal()
3327 3313 */
3328 3314 hment_t *
3329 3315 hati_page_unmap(page_t *pp, htable_t *ht, uint_t entry)
3330 3316 {
3331 3317 x86pte_t old_pte;
3332 3318 pfn_t pfn = pp->p_pagenum;
3333 3319 hment_t *hm;
3320 + hat_t *hat = ht->ht_hat;
3334 3321
3335 3322 /*
3323 + * There is a race between this function and the freeing of a HAT
3324 + * whose owning process is exiting; process exit code ignores htable
3325 + * reference counts.
3326 + * If the HAT is already freeing (HAT_FREEING) no-op this function.
3327 + * Otherwise increment hat_unmaps to block the hat from being free'd
3328 + * until this function completes.
3329 + */
3330 + mutex_enter(&hat_list_lock);
3331 + if (hat->hat_flags & HAT_FREEING) {
3332 + mutex_exit(&hat_list_lock);
3333 + x86_hm_exit(pp);
3334 + return (NULL);
3335 + }
3336 + ++(hat->hat_unmaps);
3337 + mutex_exit(&hat_list_lock);
3338 +
3339 + /*
3336 3340 * We need to acquire a hold on the htable in order to
3337 3341 * do the invalidate. We know the htable must exist, since
3338 3342 * unmap's don't release the htable until after removing any
3339 3343 * hment. Having x86_hm_enter() keeps that from proceeding.
3340 3344 */
3341 3345 htable_acquire(ht);
3342 3346
3343 3347 /*
3344 3348 * Invalidate the PTE and remove the hment.
3345 3349 */
3346 3350 old_pte = x86pte_inval(ht, entry, 0, NULL, B_TRUE);
3347 3351 if (PTE2PFN(old_pte, ht->ht_level) != pfn) {
3348 3352 panic("x86pte_inval() failure found PTE = " FMT_PTE
3349 3353 " pfn being unmapped is %lx ht=0x%lx entry=0x%x",
3350 3354 old_pte, pfn, (uintptr_t)ht, entry);
3351 3355 }
3352 3356
3353 3357 /*
3354 3358 * Clean up all the htable information for this mapping
3355 3359 */
3356 3360 ASSERT(ht->ht_valid_cnt > 0);
3357 3361 HTABLE_DEC(ht->ht_valid_cnt);
3358 3362 PGCNT_DEC(ht->ht_hat, ht->ht_level);
3359 3363
3360 3364 /*
3361 3365 * sync ref/mod bits to the page_t
|
↓ open down ↓ |
16 lines elided |
↑ open up ↑ |
3362 3366 */
3363 3367 if (PTE_GET(old_pte, PT_SOFTWARE) < PT_NOSYNC)
3364 3368 hati_sync_pte_to_page(pp, old_pte, ht->ht_level);
3365 3369
3366 3370 /*
3367 3371 * Remove the mapping list entry for this page.
3368 3372 */
3369 3373 hm = hment_remove(pp, ht, entry);
3370 3374
3371 3375 /*
3372 - * drop the mapping list lock so that we might free the
3373 - * hment and htable.
3376 + * drop the mapping list lock so that we might free the hment and htable
3374 3377 */
3375 3378 x86_hm_exit(pp);
3376 3379 htable_release(ht);
3380 +
3381 + mutex_enter(&hat_list_lock);
3382 + --(hat->hat_unmaps);
3383 + cv_broadcast(&hat_list_cv);
3384 + mutex_exit(&hat_list_lock);
3377 3385 return (hm);
3378 3386 }
3379 3387
3380 3388 extern int vpm_enable;
3381 3389 /*
3382 3390 * Unload all translations to a page. If the page is a subpage of a large
3383 3391 * page, the large page mappings are also removed.
3384 3392 *
3385 3393 * The forceflags are unused.
3386 3394 */
3387 3395
3388 3396 /*ARGSUSED*/
3389 3397 static int
3390 3398 hati_pageunload(struct page *pp, uint_t pg_szcd, uint_t forceflag)
3391 3399 {
3392 3400 page_t *cur_pp = pp;
3393 3401 hment_t *hm;
3394 3402 hment_t *prev;
3395 3403 htable_t *ht;
3396 3404 uint_t entry;
3397 3405 level_t level;
3398 3406
3399 3407 XPV_DISALLOW_MIGRATE();
3400 3408
3401 3409 /*
3402 3410 * prevent recursion due to kmem_free()
3403 3411 */
3404 3412 ++curthread->t_hatdepth;
3405 3413 ASSERT(curthread->t_hatdepth < 16);
3406 3414
3407 3415 #if defined(__amd64)
3408 3416 /*
3409 3417 * clear the vpm ref.
3410 3418 */
3411 3419 if (vpm_enable) {
3412 3420 pp->p_vpmref = 0;
3413 3421 }
3414 3422 #endif
3415 3423 /*
3416 3424 * The loop with next_size handles pages with multiple pagesize mappings
3417 3425 */
3418 3426 next_size:
3419 3427 for (;;) {
3420 3428
3421 3429 /*
3422 3430 * Get a mapping list entry
3423 3431 */
3424 3432 x86_hm_enter(cur_pp);
3425 3433 for (prev = NULL; ; prev = hm) {
3426 3434 hm = hment_walk(cur_pp, &ht, &entry, prev);
3427 3435 if (hm == NULL) {
3428 3436 x86_hm_exit(cur_pp);
3429 3437
3430 3438 /*
3431 3439 * If not part of a larger page, we're done.
3432 3440 */
3433 3441 if (cur_pp->p_szc <= pg_szcd) {
3434 3442 ASSERT(curthread->t_hatdepth > 0);
3435 3443 --curthread->t_hatdepth;
3436 3444 XPV_ALLOW_MIGRATE();
3437 3445 return (0);
3438 3446 }
3439 3447
3440 3448 /*
3441 3449 * Else check the next larger page size.
3442 3450 * hat_page_demote() may decrease p_szc
3443 3451 * but that's ok we'll just take an extra
3444 3452 * trip discover there're no larger mappings
3445 3453 * and return.
3446 3454 */
3447 3455 ++pg_szcd;
3448 3456 cur_pp = PP_GROUPLEADER(cur_pp, pg_szcd);
3449 3457 goto next_size;
3450 3458 }
3451 3459
3452 3460 /*
3453 3461 * If this mapping size matches, remove it.
3454 3462 */
3455 3463 level = ht->ht_level;
3456 3464 if (level == pg_szcd)
3457 3465 break;
3458 3466 }
3459 3467
3460 3468 /*
3461 3469 * Remove the mapping list entry for this page.
3462 3470 * Note this does the x86_hm_exit() for us.
3463 3471 */
3464 3472 hm = hati_page_unmap(cur_pp, ht, entry);
3465 3473 if (hm != NULL)
3466 3474 hment_free(hm);
3467 3475 }
3468 3476 }
3469 3477
3470 3478 int
3471 3479 hat_pageunload(struct page *pp, uint_t forceflag)
3472 3480 {
3473 3481 ASSERT(PAGE_EXCL(pp));
3474 3482 return (hati_pageunload(pp, 0, forceflag));
3475 3483 }
3476 3484
3477 3485 /*
3478 3486 * Unload all large mappings to pp and reduce by 1 p_szc field of every large
3479 3487 * page level that included pp.
3480 3488 *
3481 3489 * pp must be locked EXCL. Even though no other constituent pages are locked
3482 3490 * it's legal to unload large mappings to pp because all constituent pages of
3483 3491 * large locked mappings have to be locked SHARED. therefore if we have EXCL
3484 3492 * lock on one of constituent pages none of the large mappings to pp are
3485 3493 * locked.
3486 3494 *
3487 3495 * Change (always decrease) p_szc field starting from the last constituent
3488 3496 * page and ending with root constituent page so that root's pszc always shows
3489 3497 * the area where hat_page_demote() may be active.
3490 3498 *
3491 3499 * This mechanism is only used for file system pages where it's not always
3492 3500 * possible to get EXCL locks on all constituent pages to demote the size code
3493 3501 * (as is done for anonymous or kernel large pages).
3494 3502 */
3495 3503 void
3496 3504 hat_page_demote(page_t *pp)
3497 3505 {
3498 3506 uint_t pszc;
3499 3507 uint_t rszc;
3500 3508 uint_t szc;
3501 3509 page_t *rootpp;
3502 3510 page_t *firstpp;
3503 3511 page_t *lastpp;
3504 3512 pgcnt_t pgcnt;
3505 3513
3506 3514 ASSERT(PAGE_EXCL(pp));
3507 3515 ASSERT(!PP_ISFREE(pp));
3508 3516 ASSERT(page_szc_lock_assert(pp));
3509 3517
3510 3518 if (pp->p_szc == 0)
3511 3519 return;
3512 3520
3513 3521 rootpp = PP_GROUPLEADER(pp, 1);
3514 3522 (void) hati_pageunload(rootpp, 1, HAT_FORCE_PGUNLOAD);
3515 3523
3516 3524 /*
3517 3525 * all large mappings to pp are gone
3518 3526 * and no new can be setup since pp is locked exclusively.
3519 3527 *
3520 3528 * Lock the root to make sure there's only one hat_page_demote()
3521 3529 * outstanding within the area of this root's pszc.
3522 3530 *
3523 3531 * Second potential hat_page_demote() is already eliminated by upper
3524 3532 * VM layer via page_szc_lock() but we don't rely on it and use our
3525 3533 * own locking (so that upper layer locking can be changed without
3526 3534 * assumptions that hat depends on upper layer VM to prevent multiple
3527 3535 * hat_page_demote() to be issued simultaneously to the same large
3528 3536 * page).
3529 3537 */
3530 3538 again:
3531 3539 pszc = pp->p_szc;
3532 3540 if (pszc == 0)
3533 3541 return;
3534 3542 rootpp = PP_GROUPLEADER(pp, pszc);
3535 3543 x86_hm_enter(rootpp);
3536 3544 /*
3537 3545 * If root's p_szc is different from pszc we raced with another
3538 3546 * hat_page_demote(). Drop the lock and try to find the root again.
3539 3547 * If root's p_szc is greater than pszc previous hat_page_demote() is
3540 3548 * not done yet. Take and release mlist lock of root's root to wait
3541 3549 * for previous hat_page_demote() to complete.
3542 3550 */
3543 3551 if ((rszc = rootpp->p_szc) != pszc) {
3544 3552 x86_hm_exit(rootpp);
3545 3553 if (rszc > pszc) {
3546 3554 /* p_szc of a locked non free page can't increase */
3547 3555 ASSERT(pp != rootpp);
3548 3556
3549 3557 rootpp = PP_GROUPLEADER(rootpp, rszc);
3550 3558 x86_hm_enter(rootpp);
3551 3559 x86_hm_exit(rootpp);
3552 3560 }
3553 3561 goto again;
3554 3562 }
3555 3563 ASSERT(pp->p_szc == pszc);
3556 3564
3557 3565 /*
3558 3566 * Decrement by 1 p_szc of every constituent page of a region that
3559 3567 * covered pp. For example if original szc is 3 it gets changed to 2
3560 3568 * everywhere except in region 2 that covered pp. Region 2 that
3561 3569 * covered pp gets demoted to 1 everywhere except in region 1 that
3562 3570 * covered pp. The region 1 that covered pp is demoted to region
3563 3571 * 0. It's done this way because from region 3 we removed level 3
3564 3572 * mappings, from region 2 that covered pp we removed level 2 mappings
3565 3573 * and from region 1 that covered pp we removed level 1 mappings. All
3566 3574 * changes are done from from high pfn's to low pfn's so that roots
3567 3575 * are changed last allowing one to know the largest region where
3568 3576 * hat_page_demote() is stil active by only looking at the root page.
3569 3577 *
3570 3578 * This algorithm is implemented in 2 while loops. First loop changes
3571 3579 * p_szc of pages to the right of pp's level 1 region and second
3572 3580 * loop changes p_szc of pages of level 1 region that covers pp
3573 3581 * and all pages to the left of level 1 region that covers pp.
3574 3582 * In the first loop p_szc keeps dropping with every iteration
3575 3583 * and in the second loop it keeps increasing with every iteration.
3576 3584 *
3577 3585 * First loop description: Demote pages to the right of pp outside of
3578 3586 * level 1 region that covers pp. In every iteration of the while
3579 3587 * loop below find the last page of szc region and the first page of
3580 3588 * (szc - 1) region that is immediately to the right of (szc - 1)
3581 3589 * region that covers pp. From last such page to first such page
3582 3590 * change every page's szc to szc - 1. Decrement szc and continue
3583 3591 * looping until szc is 1. If pp belongs to the last (szc - 1) region
3584 3592 * of szc region skip to the next iteration.
3585 3593 */
3586 3594 szc = pszc;
3587 3595 while (szc > 1) {
3588 3596 lastpp = PP_GROUPLEADER(pp, szc);
3589 3597 pgcnt = page_get_pagecnt(szc);
3590 3598 lastpp += pgcnt - 1;
3591 3599 firstpp = PP_GROUPLEADER(pp, (szc - 1));
3592 3600 pgcnt = page_get_pagecnt(szc - 1);
3593 3601 if (lastpp - firstpp < pgcnt) {
3594 3602 szc--;
3595 3603 continue;
3596 3604 }
3597 3605 firstpp += pgcnt;
3598 3606 while (lastpp != firstpp) {
3599 3607 ASSERT(lastpp->p_szc == pszc);
3600 3608 lastpp->p_szc = szc - 1;
3601 3609 lastpp--;
3602 3610 }
3603 3611 firstpp->p_szc = szc - 1;
3604 3612 szc--;
3605 3613 }
3606 3614
3607 3615 /*
3608 3616 * Second loop description:
3609 3617 * First iteration changes p_szc to 0 of every
3610 3618 * page of level 1 region that covers pp.
3611 3619 * Subsequent iterations find last page of szc region
3612 3620 * immediately to the left of szc region that covered pp
3613 3621 * and first page of (szc + 1) region that covers pp.
3614 3622 * From last to first page change p_szc of every page to szc.
3615 3623 * Increment szc and continue looping until szc is pszc.
3616 3624 * If pp belongs to the fist szc region of (szc + 1) region
3617 3625 * skip to the next iteration.
3618 3626 *
3619 3627 */
3620 3628 szc = 0;
3621 3629 while (szc < pszc) {
3622 3630 firstpp = PP_GROUPLEADER(pp, (szc + 1));
3623 3631 if (szc == 0) {
3624 3632 pgcnt = page_get_pagecnt(1);
3625 3633 lastpp = firstpp + (pgcnt - 1);
3626 3634 } else {
3627 3635 lastpp = PP_GROUPLEADER(pp, szc);
3628 3636 if (firstpp == lastpp) {
3629 3637 szc++;
3630 3638 continue;
3631 3639 }
3632 3640 lastpp--;
3633 3641 pgcnt = page_get_pagecnt(szc);
3634 3642 }
3635 3643 while (lastpp != firstpp) {
3636 3644 ASSERT(lastpp->p_szc == pszc);
3637 3645 lastpp->p_szc = szc;
3638 3646 lastpp--;
3639 3647 }
3640 3648 firstpp->p_szc = szc;
3641 3649 if (firstpp == rootpp)
3642 3650 break;
3643 3651 szc++;
3644 3652 }
3645 3653 x86_hm_exit(rootpp);
3646 3654 }
3647 3655
3648 3656 /*
3649 3657 * get hw stats from hardware into page struct and reset hw stats
3650 3658 * returns attributes of page
3651 3659 * Flags for hat_pagesync, hat_getstat, hat_sync
3652 3660 *
3653 3661 * define HAT_SYNC_ZERORM 0x01
3654 3662 *
3655 3663 * Additional flags for hat_pagesync
3656 3664 *
3657 3665 * define HAT_SYNC_STOPON_REF 0x02
3658 3666 * define HAT_SYNC_STOPON_MOD 0x04
3659 3667 * define HAT_SYNC_STOPON_RM 0x06
3660 3668 * define HAT_SYNC_STOPON_SHARED 0x08
3661 3669 */
3662 3670 uint_t
3663 3671 hat_pagesync(struct page *pp, uint_t flags)
3664 3672 {
3665 3673 hment_t *hm = NULL;
3666 3674 htable_t *ht;
3667 3675 uint_t entry;
3668 3676 x86pte_t old, save_old;
3669 3677 x86pte_t new;
3670 3678 uchar_t nrmbits = P_REF|P_MOD|P_RO;
3671 3679 extern ulong_t po_share;
3672 3680 page_t *save_pp = pp;
3673 3681 uint_t pszc = 0;
3674 3682
3675 3683 ASSERT(PAGE_LOCKED(pp) || panicstr);
3676 3684
3677 3685 if (PP_ISRO(pp) && (flags & HAT_SYNC_STOPON_MOD))
3678 3686 return (pp->p_nrm & nrmbits);
3679 3687
3680 3688 if ((flags & HAT_SYNC_ZERORM) == 0) {
3681 3689
3682 3690 if ((flags & HAT_SYNC_STOPON_REF) != 0 && PP_ISREF(pp))
3683 3691 return (pp->p_nrm & nrmbits);
3684 3692
3685 3693 if ((flags & HAT_SYNC_STOPON_MOD) != 0 && PP_ISMOD(pp))
3686 3694 return (pp->p_nrm & nrmbits);
3687 3695
3688 3696 if ((flags & HAT_SYNC_STOPON_SHARED) != 0 &&
3689 3697 hat_page_getshare(pp) > po_share) {
3690 3698 if (PP_ISRO(pp))
3691 3699 PP_SETREF(pp);
3692 3700 return (pp->p_nrm & nrmbits);
3693 3701 }
3694 3702 }
3695 3703
3696 3704 XPV_DISALLOW_MIGRATE();
3697 3705 next_size:
3698 3706 /*
3699 3707 * walk thru the mapping list syncing (and clearing) ref/mod bits.
3700 3708 */
3701 3709 x86_hm_enter(pp);
3702 3710 while ((hm = hment_walk(pp, &ht, &entry, hm)) != NULL) {
3703 3711 if (ht->ht_level < pszc)
3704 3712 continue;
3705 3713 old = x86pte_get(ht, entry);
3706 3714 try_again:
3707 3715
3708 3716 ASSERT(PTE2PFN(old, ht->ht_level) == pp->p_pagenum);
3709 3717
3710 3718 if (PTE_GET(old, PT_REF | PT_MOD) == 0)
3711 3719 continue;
3712 3720
3713 3721 save_old = old;
3714 3722 if ((flags & HAT_SYNC_ZERORM) != 0) {
3715 3723
3716 3724 /*
3717 3725 * Need to clear ref or mod bits. Need to demap
3718 3726 * to make sure any executing TLBs see cleared bits.
3719 3727 */
3720 3728 new = old;
3721 3729 PTE_CLR(new, PT_REF | PT_MOD);
3722 3730 old = hati_update_pte(ht, entry, old, new);
3723 3731 if (old != 0)
3724 3732 goto try_again;
3725 3733
3726 3734 old = save_old;
3727 3735 }
3728 3736
3729 3737 /*
3730 3738 * Sync the PTE
3731 3739 */
3732 3740 if (!(flags & HAT_SYNC_ZERORM) &&
3733 3741 PTE_GET(old, PT_SOFTWARE) <= PT_NOSYNC)
3734 3742 hati_sync_pte_to_page(pp, old, ht->ht_level);
3735 3743
3736 3744 /*
3737 3745 * can stop short if we found a ref'd or mod'd page
3738 3746 */
3739 3747 if ((flags & HAT_SYNC_STOPON_MOD) && PP_ISMOD(save_pp) ||
3740 3748 (flags & HAT_SYNC_STOPON_REF) && PP_ISREF(save_pp)) {
3741 3749 x86_hm_exit(pp);
3742 3750 goto done;
3743 3751 }
3744 3752 }
3745 3753 x86_hm_exit(pp);
3746 3754 while (pszc < pp->p_szc) {
3747 3755 page_t *tpp;
3748 3756 pszc++;
3749 3757 tpp = PP_GROUPLEADER(pp, pszc);
3750 3758 if (pp != tpp) {
3751 3759 pp = tpp;
3752 3760 goto next_size;
3753 3761 }
3754 3762 }
3755 3763 done:
3756 3764 XPV_ALLOW_MIGRATE();
3757 3765 return (save_pp->p_nrm & nrmbits);
3758 3766 }
3759 3767
3760 3768 /*
3761 3769 * returns approx number of mappings to this pp. A return of 0 implies
3762 3770 * there are no mappings to the page.
3763 3771 */
3764 3772 ulong_t
3765 3773 hat_page_getshare(page_t *pp)
3766 3774 {
3767 3775 uint_t cnt;
3768 3776 cnt = hment_mapcnt(pp);
3769 3777 #if defined(__amd64)
3770 3778 if (vpm_enable && pp->p_vpmref) {
3771 3779 cnt += 1;
3772 3780 }
3773 3781 #endif
3774 3782 return (cnt);
3775 3783 }
3776 3784
3777 3785 /*
3778 3786 * Return 1 the number of mappings exceeds sh_thresh. Return 0
3779 3787 * otherwise.
3780 3788 */
3781 3789 int
3782 3790 hat_page_checkshare(page_t *pp, ulong_t sh_thresh)
3783 3791 {
3784 3792 return (hat_page_getshare(pp) > sh_thresh);
3785 3793 }
3786 3794
3787 3795 /*
3788 3796 * hat_softlock isn't supported anymore
3789 3797 */
3790 3798 /*ARGSUSED*/
3791 3799 faultcode_t
3792 3800 hat_softlock(
3793 3801 hat_t *hat,
3794 3802 caddr_t addr,
3795 3803 size_t *len,
3796 3804 struct page **page_array,
3797 3805 uint_t flags)
3798 3806 {
3799 3807 return (FC_NOSUPPORT);
3800 3808 }
3801 3809
3802 3810
3803 3811
3804 3812 /*
3805 3813 * Routine to expose supported HAT features to platform independent code.
3806 3814 */
3807 3815 /*ARGSUSED*/
3808 3816 int
3809 3817 hat_supported(enum hat_features feature, void *arg)
3810 3818 {
3811 3819 switch (feature) {
3812 3820
3813 3821 case HAT_SHARED_PT: /* this is really ISM */
3814 3822 return (1);
3815 3823
3816 3824 case HAT_DYNAMIC_ISM_UNMAP:
3817 3825 return (0);
3818 3826
3819 3827 case HAT_VMODSORT:
3820 3828 return (1);
3821 3829
3822 3830 case HAT_SHARED_REGIONS:
3823 3831 return (0);
3824 3832
3825 3833 default:
3826 3834 panic("hat_supported() - unknown feature");
3827 3835 }
3828 3836 return (0);
3829 3837 }
3830 3838
3831 3839 /*
3832 3840 * Called when a thread is exiting and has been switched to the kernel AS
3833 3841 */
3834 3842 void
3835 3843 hat_thread_exit(kthread_t *thd)
3836 3844 {
3837 3845 ASSERT(thd->t_procp->p_as == &kas);
3838 3846 XPV_DISALLOW_MIGRATE();
3839 3847 hat_switch(thd->t_procp->p_as->a_hat);
3840 3848 XPV_ALLOW_MIGRATE();
3841 3849 }
3842 3850
3843 3851 /*
3844 3852 * Setup the given brand new hat structure as the new HAT on this cpu's mmu.
3845 3853 */
3846 3854 /*ARGSUSED*/
3847 3855 void
3848 3856 hat_setup(hat_t *hat, int flags)
3849 3857 {
3850 3858 XPV_DISALLOW_MIGRATE();
3851 3859 kpreempt_disable();
3852 3860
3853 3861 hat_switch(hat);
3854 3862
3855 3863 kpreempt_enable();
3856 3864 XPV_ALLOW_MIGRATE();
3857 3865 }
3858 3866
3859 3867 /*
3860 3868 * Prepare for a CPU private mapping for the given address.
3861 3869 *
3862 3870 * The address can only be used from a single CPU and can be remapped
3863 3871 * using hat_mempte_remap(). Return the address of the PTE.
3864 3872 *
3865 3873 * We do the htable_create() if necessary and increment the valid count so
3866 3874 * the htable can't disappear. We also hat_devload() the page table into
3867 3875 * kernel so that the PTE is quickly accessed.
3868 3876 */
3869 3877 hat_mempte_t
3870 3878 hat_mempte_setup(caddr_t addr)
3871 3879 {
3872 3880 uintptr_t va = (uintptr_t)addr;
3873 3881 htable_t *ht;
3874 3882 uint_t entry;
3875 3883 x86pte_t oldpte;
3876 3884 hat_mempte_t p;
3877 3885
3878 3886 ASSERT(IS_PAGEALIGNED(va));
3879 3887 ASSERT(!IN_VA_HOLE(va));
3880 3888 ++curthread->t_hatdepth;
3881 3889 XPV_DISALLOW_MIGRATE();
3882 3890 ht = htable_getpte(kas.a_hat, va, &entry, &oldpte, 0);
3883 3891 if (ht == NULL) {
3884 3892 ht = htable_create(kas.a_hat, va, 0, NULL);
3885 3893 entry = htable_va2entry(va, ht);
3886 3894 ASSERT(ht->ht_level == 0);
3887 3895 oldpte = x86pte_get(ht, entry);
3888 3896 }
3889 3897 if (PTE_ISVALID(oldpte))
3890 3898 panic("hat_mempte_setup(): address already mapped"
3891 3899 "ht=%p, entry=%d, pte=" FMT_PTE, (void *)ht, entry, oldpte);
3892 3900
3893 3901 /*
3894 3902 * increment ht_valid_cnt so that the pagetable can't disappear
3895 3903 */
3896 3904 HTABLE_INC(ht->ht_valid_cnt);
3897 3905
3898 3906 /*
3899 3907 * return the PTE physical address to the caller.
3900 3908 */
3901 3909 htable_release(ht);
3902 3910 XPV_ALLOW_MIGRATE();
3903 3911 p = PT_INDEX_PHYSADDR(pfn_to_pa(ht->ht_pfn), entry);
3904 3912 --curthread->t_hatdepth;
3905 3913 return (p);
3906 3914 }
3907 3915
3908 3916 /*
3909 3917 * Release a CPU private mapping for the given address.
3910 3918 * We decrement the htable valid count so it might be destroyed.
3911 3919 */
3912 3920 /*ARGSUSED1*/
3913 3921 void
3914 3922 hat_mempte_release(caddr_t addr, hat_mempte_t pte_pa)
3915 3923 {
3916 3924 htable_t *ht;
3917 3925
3918 3926 XPV_DISALLOW_MIGRATE();
3919 3927 /*
3920 3928 * invalidate any left over mapping and decrement the htable valid count
3921 3929 */
3922 3930 #ifdef __xpv
3923 3931 if (HYPERVISOR_update_va_mapping((uintptr_t)addr, 0,
3924 3932 UVMF_INVLPG | UVMF_LOCAL))
3925 3933 panic("HYPERVISOR_update_va_mapping() failed");
3926 3934 #else
3927 3935 {
3928 3936 x86pte_t *pteptr;
3929 3937
3930 3938 pteptr = x86pte_mapin(mmu_btop(pte_pa),
3931 3939 (pte_pa & MMU_PAGEOFFSET) >> mmu.pte_size_shift, NULL);
3932 3940 if (mmu.pae_hat)
3933 3941 *pteptr = 0;
3934 3942 else
3935 3943 *(x86pte32_t *)pteptr = 0;
3936 3944 mmu_tlbflush_entry(addr);
3937 3945 x86pte_mapout();
3938 3946 }
3939 3947 #endif
3940 3948
3941 3949 ht = htable_getpte(kas.a_hat, ALIGN2PAGE(addr), NULL, NULL, 0);
3942 3950 if (ht == NULL)
3943 3951 panic("hat_mempte_release(): invalid address");
3944 3952 ASSERT(ht->ht_level == 0);
3945 3953 HTABLE_DEC(ht->ht_valid_cnt);
3946 3954 htable_release(ht);
3947 3955 XPV_ALLOW_MIGRATE();
3948 3956 }
3949 3957
3950 3958 /*
3951 3959 * Apply a temporary CPU private mapping to a page. We flush the TLB only
3952 3960 * on this CPU, so this ought to have been called with preemption disabled.
3953 3961 */
3954 3962 void
3955 3963 hat_mempte_remap(
3956 3964 pfn_t pfn,
3957 3965 caddr_t addr,
3958 3966 hat_mempte_t pte_pa,
3959 3967 uint_t attr,
3960 3968 uint_t flags)
3961 3969 {
3962 3970 uintptr_t va = (uintptr_t)addr;
3963 3971 x86pte_t pte;
3964 3972
3965 3973 /*
3966 3974 * Remap the given PTE to the new page's PFN. Invalidate only
3967 3975 * on this CPU.
3968 3976 */
3969 3977 #ifdef DEBUG
3970 3978 htable_t *ht;
3971 3979 uint_t entry;
3972 3980
3973 3981 ASSERT(IS_PAGEALIGNED(va));
3974 3982 ASSERT(!IN_VA_HOLE(va));
3975 3983 ht = htable_getpte(kas.a_hat, va, &entry, NULL, 0);
3976 3984 ASSERT(ht != NULL);
3977 3985 ASSERT(ht->ht_level == 0);
3978 3986 ASSERT(ht->ht_valid_cnt > 0);
3979 3987 ASSERT(ht->ht_pfn == mmu_btop(pte_pa));
3980 3988 htable_release(ht);
3981 3989 #endif
3982 3990 XPV_DISALLOW_MIGRATE();
3983 3991 pte = hati_mkpte(pfn, attr, 0, flags);
3984 3992 #ifdef __xpv
3985 3993 if (HYPERVISOR_update_va_mapping(va, pte, UVMF_INVLPG | UVMF_LOCAL))
3986 3994 panic("HYPERVISOR_update_va_mapping() failed");
3987 3995 #else
3988 3996 {
3989 3997 x86pte_t *pteptr;
3990 3998
3991 3999 pteptr = x86pte_mapin(mmu_btop(pte_pa),
3992 4000 (pte_pa & MMU_PAGEOFFSET) >> mmu.pte_size_shift, NULL);
3993 4001 if (mmu.pae_hat)
3994 4002 *(x86pte_t *)pteptr = pte;
3995 4003 else
3996 4004 *(x86pte32_t *)pteptr = (x86pte32_t)pte;
3997 4005 mmu_tlbflush_entry(addr);
3998 4006 x86pte_mapout();
3999 4007 }
4000 4008 #endif
4001 4009 XPV_ALLOW_MIGRATE();
4002 4010 }
4003 4011
4004 4012
4005 4013
4006 4014 /*
4007 4015 * Hat locking functions
4008 4016 * XXX - these two functions are currently being used by hatstats
4009 4017 * they can be removed by using a per-as mutex for hatstats.
4010 4018 */
4011 4019 void
4012 4020 hat_enter(hat_t *hat)
4013 4021 {
4014 4022 mutex_enter(&hat->hat_mutex);
4015 4023 }
4016 4024
4017 4025 void
4018 4026 hat_exit(hat_t *hat)
4019 4027 {
4020 4028 mutex_exit(&hat->hat_mutex);
4021 4029 }
4022 4030
4023 4031 /*
4024 4032 * HAT part of cpu initialization.
4025 4033 */
4026 4034 void
4027 4035 hat_cpu_online(struct cpu *cpup)
4028 4036 {
4029 4037 if (cpup != CPU) {
4030 4038 x86pte_cpu_init(cpup);
4031 4039 hat_vlp_setup(cpup);
4032 4040 }
4033 4041 CPUSET_ATOMIC_ADD(khat_cpuset, cpup->cpu_id);
4034 4042 }
4035 4043
4036 4044 /*
4037 4045 * HAT part of cpu deletion.
4038 4046 * (currently, we only call this after the cpu is safely passivated.)
4039 4047 */
4040 4048 void
4041 4049 hat_cpu_offline(struct cpu *cpup)
4042 4050 {
4043 4051 ASSERT(cpup != CPU);
4044 4052
4045 4053 CPUSET_ATOMIC_DEL(khat_cpuset, cpup->cpu_id);
4046 4054 hat_vlp_teardown(cpup);
4047 4055 x86pte_cpu_fini(cpup);
4048 4056 }
4049 4057
4050 4058 /*
4051 4059 * Function called after all CPUs are brought online.
4052 4060 * Used to remove low address boot mappings.
4053 4061 */
4054 4062 void
4055 4063 clear_boot_mappings(uintptr_t low, uintptr_t high)
4056 4064 {
4057 4065 uintptr_t vaddr = low;
4058 4066 htable_t *ht = NULL;
4059 4067 level_t level;
4060 4068 uint_t entry;
4061 4069 x86pte_t pte;
4062 4070
4063 4071 /*
4064 4072 * On 1st CPU we can unload the prom mappings, basically we blow away
4065 4073 * all virtual mappings under _userlimit.
4066 4074 */
4067 4075 while (vaddr < high) {
4068 4076 pte = htable_walk(kas.a_hat, &ht, &vaddr, high);
4069 4077 if (ht == NULL)
4070 4078 break;
4071 4079
4072 4080 level = ht->ht_level;
4073 4081 entry = htable_va2entry(vaddr, ht);
4074 4082 ASSERT(level <= mmu.max_page_level);
4075 4083 ASSERT(PTE_ISPAGE(pte, level));
4076 4084
4077 4085 /*
4078 4086 * Unload the mapping from the page tables.
4079 4087 */
4080 4088 (void) x86pte_inval(ht, entry, 0, NULL, B_TRUE);
4081 4089 ASSERT(ht->ht_valid_cnt > 0);
4082 4090 HTABLE_DEC(ht->ht_valid_cnt);
4083 4091 PGCNT_DEC(ht->ht_hat, ht->ht_level);
4084 4092
4085 4093 vaddr += LEVEL_SIZE(ht->ht_level);
4086 4094 }
4087 4095 if (ht)
4088 4096 htable_release(ht);
4089 4097 }
4090 4098
4091 4099 /*
4092 4100 * Atomically update a new translation for a single page. If the
4093 4101 * currently installed PTE doesn't match the value we expect to find,
4094 4102 * it's not updated and we return the PTE we found.
4095 4103 *
4096 4104 * If activating nosync or NOWRITE and the page was modified we need to sync
4097 4105 * with the page_t. Also sync with page_t if clearing ref/mod bits.
4098 4106 */
4099 4107 static x86pte_t
4100 4108 hati_update_pte(htable_t *ht, uint_t entry, x86pte_t expected, x86pte_t new)
4101 4109 {
4102 4110 page_t *pp;
4103 4111 uint_t rm = 0;
4104 4112 x86pte_t replaced;
4105 4113
4106 4114 if (PTE_GET(expected, PT_SOFTWARE) < PT_NOSYNC &&
4107 4115 PTE_GET(expected, PT_MOD | PT_REF) &&
4108 4116 (PTE_GET(new, PT_NOSYNC) || !PTE_GET(new, PT_WRITABLE) ||
4109 4117 !PTE_GET(new, PT_MOD | PT_REF))) {
4110 4118
4111 4119 ASSERT(!pfn_is_foreign(PTE2PFN(expected, ht->ht_level)));
4112 4120 pp = page_numtopp_nolock(PTE2PFN(expected, ht->ht_level));
4113 4121 ASSERT(pp != NULL);
4114 4122 if (PTE_GET(expected, PT_MOD))
4115 4123 rm |= P_MOD;
4116 4124 if (PTE_GET(expected, PT_REF))
4117 4125 rm |= P_REF;
4118 4126 PTE_CLR(new, PT_MOD | PT_REF);
4119 4127 }
4120 4128
4121 4129 replaced = x86pte_update(ht, entry, expected, new);
4122 4130 if (replaced != expected)
4123 4131 return (replaced);
4124 4132
4125 4133 if (rm) {
4126 4134 /*
4127 4135 * sync to all constituent pages of a large page
4128 4136 */
4129 4137 pgcnt_t pgcnt = page_get_pagecnt(ht->ht_level);
4130 4138 ASSERT(IS_P2ALIGNED(pp->p_pagenum, pgcnt));
4131 4139 while (pgcnt-- > 0) {
4132 4140 /*
4133 4141 * hat_page_demote() can't decrease
4134 4142 * pszc below this mapping size
4135 4143 * since large mapping existed after we
4136 4144 * took mlist lock.
4137 4145 */
4138 4146 ASSERT(pp->p_szc >= ht->ht_level);
4139 4147 hat_page_setattr(pp, rm);
4140 4148 ++pp;
4141 4149 }
4142 4150 }
4143 4151
4144 4152 return (0);
4145 4153 }
4146 4154
4147 4155 /* ARGSUSED */
4148 4156 void
4149 4157 hat_join_srd(struct hat *hat, vnode_t *evp)
4150 4158 {
4151 4159 }
4152 4160
4153 4161 /* ARGSUSED */
4154 4162 hat_region_cookie_t
4155 4163 hat_join_region(struct hat *hat,
4156 4164 caddr_t r_saddr,
4157 4165 size_t r_size,
4158 4166 void *r_obj,
4159 4167 u_offset_t r_objoff,
4160 4168 uchar_t r_perm,
4161 4169 uchar_t r_pgszc,
4162 4170 hat_rgn_cb_func_t r_cb_function,
4163 4171 uint_t flags)
4164 4172 {
4165 4173 panic("No shared region support on x86");
4166 4174 return (HAT_INVALID_REGION_COOKIE);
4167 4175 }
4168 4176
4169 4177 /* ARGSUSED */
4170 4178 void
4171 4179 hat_leave_region(struct hat *hat, hat_region_cookie_t rcookie, uint_t flags)
4172 4180 {
4173 4181 panic("No shared region support on x86");
4174 4182 }
4175 4183
4176 4184 /* ARGSUSED */
4177 4185 void
4178 4186 hat_dup_region(struct hat *hat, hat_region_cookie_t rcookie)
4179 4187 {
4180 4188 panic("No shared region support on x86");
4181 4189 }
4182 4190
4183 4191
4184 4192 /*
4185 4193 * Kernel Physical Mapping (kpm) facility
4186 4194 *
4187 4195 * Most of the routines needed to support segkpm are almost no-ops on the
4188 4196 * x86 platform. We map in the entire segment when it is created and leave
4189 4197 * it mapped in, so there is no additional work required to set up and tear
4190 4198 * down individual mappings. All of these routines were created to support
4191 4199 * SPARC platforms that have to avoid aliasing in their virtually indexed
4192 4200 * caches.
4193 4201 *
4194 4202 * Most of the routines have sanity checks in them (e.g. verifying that the
4195 4203 * passed-in page is locked). We don't actually care about most of these
4196 4204 * checks on x86, but we leave them in place to identify problems in the
4197 4205 * upper levels.
4198 4206 */
4199 4207
4200 4208 /*
4201 4209 * Map in a locked page and return the vaddr.
4202 4210 */
4203 4211 /*ARGSUSED*/
4204 4212 caddr_t
4205 4213 hat_kpm_mapin(struct page *pp, struct kpme *kpme)
4206 4214 {
4207 4215 caddr_t vaddr;
4208 4216
4209 4217 #ifdef DEBUG
4210 4218 if (kpm_enable == 0) {
4211 4219 cmn_err(CE_WARN, "hat_kpm_mapin: kpm_enable not set\n");
4212 4220 return ((caddr_t)NULL);
4213 4221 }
4214 4222
4215 4223 if (pp == NULL || PAGE_LOCKED(pp) == 0) {
4216 4224 cmn_err(CE_WARN, "hat_kpm_mapin: pp zero or not locked\n");
4217 4225 return ((caddr_t)NULL);
4218 4226 }
4219 4227 #endif
4220 4228
4221 4229 vaddr = hat_kpm_page2va(pp, 1);
4222 4230
4223 4231 return (vaddr);
4224 4232 }
4225 4233
4226 4234 /*
4227 4235 * Mapout a locked page.
4228 4236 */
4229 4237 /*ARGSUSED*/
4230 4238 void
4231 4239 hat_kpm_mapout(struct page *pp, struct kpme *kpme, caddr_t vaddr)
4232 4240 {
4233 4241 #ifdef DEBUG
4234 4242 if (kpm_enable == 0) {
4235 4243 cmn_err(CE_WARN, "hat_kpm_mapout: kpm_enable not set\n");
4236 4244 return;
4237 4245 }
4238 4246
4239 4247 if (IS_KPM_ADDR(vaddr) == 0) {
4240 4248 cmn_err(CE_WARN, "hat_kpm_mapout: no kpm address\n");
4241 4249 return;
4242 4250 }
4243 4251
4244 4252 if (pp == NULL || PAGE_LOCKED(pp) == 0) {
4245 4253 cmn_err(CE_WARN, "hat_kpm_mapout: page zero or not locked\n");
4246 4254 return;
4247 4255 }
4248 4256 #endif
4249 4257 }
4250 4258
4251 4259 /*
4252 4260 * hat_kpm_mapin_pfn is used to obtain a kpm mapping for physical
4253 4261 * memory addresses that are not described by a page_t. It can
4254 4262 * also be used for normal pages that are not locked, but beware
4255 4263 * this is dangerous - no locking is performed, so the identity of
4256 4264 * the page could change. hat_kpm_mapin_pfn is not supported when
4257 4265 * vac_colors > 1, because the chosen va depends on the page identity,
4258 4266 * which could change.
4259 4267 * The caller must only pass pfn's for valid physical addresses; violation
4260 4268 * of this rule will cause panic.
4261 4269 */
4262 4270 caddr_t
4263 4271 hat_kpm_mapin_pfn(pfn_t pfn)
4264 4272 {
4265 4273 caddr_t paddr, vaddr;
4266 4274
4267 4275 if (kpm_enable == 0)
4268 4276 return ((caddr_t)NULL);
4269 4277
4270 4278 paddr = (caddr_t)ptob(pfn);
4271 4279 vaddr = (uintptr_t)kpm_vbase + paddr;
4272 4280
4273 4281 return ((caddr_t)vaddr);
4274 4282 }
4275 4283
4276 4284 /*ARGSUSED*/
4277 4285 void
4278 4286 hat_kpm_mapout_pfn(pfn_t pfn)
4279 4287 {
4280 4288 /* empty */
4281 4289 }
4282 4290
4283 4291 /*
4284 4292 * Return the kpm virtual address for a specific pfn
4285 4293 */
4286 4294 caddr_t
4287 4295 hat_kpm_pfn2va(pfn_t pfn)
4288 4296 {
4289 4297 uintptr_t vaddr = (uintptr_t)kpm_vbase + mmu_ptob(pfn);
4290 4298
4291 4299 ASSERT(!pfn_is_foreign(pfn));
4292 4300 return ((caddr_t)vaddr);
4293 4301 }
4294 4302
4295 4303 /*
4296 4304 * Return the kpm virtual address for the page at pp.
4297 4305 */
4298 4306 /*ARGSUSED*/
4299 4307 caddr_t
4300 4308 hat_kpm_page2va(struct page *pp, int checkswap)
4301 4309 {
4302 4310 return (hat_kpm_pfn2va(pp->p_pagenum));
4303 4311 }
4304 4312
4305 4313 /*
4306 4314 * Return the page frame number for the kpm virtual address vaddr.
4307 4315 */
4308 4316 pfn_t
4309 4317 hat_kpm_va2pfn(caddr_t vaddr)
4310 4318 {
4311 4319 pfn_t pfn;
4312 4320
4313 4321 ASSERT(IS_KPM_ADDR(vaddr));
4314 4322
4315 4323 pfn = (pfn_t)btop(vaddr - kpm_vbase);
4316 4324
4317 4325 return (pfn);
4318 4326 }
4319 4327
4320 4328
4321 4329 /*
4322 4330 * Return the page for the kpm virtual address vaddr.
4323 4331 */
4324 4332 page_t *
4325 4333 hat_kpm_vaddr2page(caddr_t vaddr)
4326 4334 {
4327 4335 pfn_t pfn;
4328 4336
4329 4337 ASSERT(IS_KPM_ADDR(vaddr));
4330 4338
4331 4339 pfn = hat_kpm_va2pfn(vaddr);
4332 4340
4333 4341 return (page_numtopp_nolock(pfn));
4334 4342 }
4335 4343
4336 4344 /*
4337 4345 * hat_kpm_fault is called from segkpm_fault when we take a page fault on a
4338 4346 * KPM page. This should never happen on x86
4339 4347 */
4340 4348 int
4341 4349 hat_kpm_fault(hat_t *hat, caddr_t vaddr)
4342 4350 {
4343 4351 panic("pagefault in seg_kpm. hat: 0x%p vaddr: 0x%p",
4344 4352 (void *)hat, (void *)vaddr);
4345 4353
4346 4354 return (0);
4347 4355 }
4348 4356
4349 4357 /*ARGSUSED*/
4350 4358 void
4351 4359 hat_kpm_mseghash_clear(int nentries)
4352 4360 {}
4353 4361
4354 4362 /*ARGSUSED*/
4355 4363 void
4356 4364 hat_kpm_mseghash_update(pgcnt_t inx, struct memseg *msp)
4357 4365 {}
4358 4366
4359 4367 #ifndef __xpv
4360 4368 void
4361 4369 hat_kpm_addmem_mseg_update(struct memseg *msp, pgcnt_t nkpmpgs,
4362 4370 offset_t kpm_pages_off)
4363 4371 {
4364 4372 _NOTE(ARGUNUSED(nkpmpgs, kpm_pages_off));
4365 4373 pfn_t base, end;
4366 4374
4367 4375 /*
4368 4376 * kphysm_add_memory_dynamic() does not set nkpmpgs
4369 4377 * when page_t memory is externally allocated. That
4370 4378 * code must properly calculate nkpmpgs in all cases
4371 4379 * if nkpmpgs needs to be used at some point.
4372 4380 */
4373 4381
4374 4382 /*
4375 4383 * The meta (page_t) pages for dynamically added memory are allocated
4376 4384 * either from the incoming memory itself or from existing memory.
4377 4385 * In the former case the base of the incoming pages will be different
4378 4386 * than the base of the dynamic segment so call memseg_get_start() to
4379 4387 * get the actual base of the incoming memory for each case.
4380 4388 */
4381 4389
4382 4390 base = memseg_get_start(msp);
4383 4391 end = msp->pages_end;
4384 4392
4385 4393 hat_devload(kas.a_hat, kpm_vbase + mmu_ptob(base),
4386 4394 mmu_ptob(end - base), base, PROT_READ | PROT_WRITE,
4387 4395 HAT_LOAD | HAT_LOAD_LOCK | HAT_LOAD_NOCONSIST);
4388 4396 }
4389 4397
4390 4398 void
4391 4399 hat_kpm_addmem_mseg_insert(struct memseg *msp)
4392 4400 {
4393 4401 _NOTE(ARGUNUSED(msp));
4394 4402 }
4395 4403
4396 4404 void
4397 4405 hat_kpm_addmem_memsegs_update(struct memseg *msp)
4398 4406 {
4399 4407 _NOTE(ARGUNUSED(msp));
4400 4408 }
4401 4409
4402 4410 /*
4403 4411 * Return end of metadata for an already setup memseg.
4404 4412 * X86 platforms don't need per-page meta data to support kpm.
4405 4413 */
4406 4414 caddr_t
4407 4415 hat_kpm_mseg_reuse(struct memseg *msp)
4408 4416 {
4409 4417 return ((caddr_t)msp->epages);
4410 4418 }
4411 4419
4412 4420 void
4413 4421 hat_kpm_delmem_mseg_update(struct memseg *msp, struct memseg **mspp)
4414 4422 {
4415 4423 _NOTE(ARGUNUSED(msp, mspp));
4416 4424 ASSERT(0);
4417 4425 }
4418 4426
4419 4427 void
4420 4428 hat_kpm_split_mseg_update(struct memseg *msp, struct memseg **mspp,
4421 4429 struct memseg *lo, struct memseg *mid, struct memseg *hi)
4422 4430 {
4423 4431 _NOTE(ARGUNUSED(msp, mspp, lo, mid, hi));
4424 4432 ASSERT(0);
4425 4433 }
4426 4434
4427 4435 /*
4428 4436 * Walk the memsegs chain, applying func to each memseg span.
4429 4437 */
4430 4438 void
4431 4439 hat_kpm_walk(void (*func)(void *, void *, size_t), void *arg)
4432 4440 {
4433 4441 pfn_t pbase, pend;
4434 4442 void *base;
4435 4443 size_t size;
4436 4444 struct memseg *msp;
4437 4445
4438 4446 for (msp = memsegs; msp; msp = msp->next) {
4439 4447 pbase = msp->pages_base;
4440 4448 pend = msp->pages_end;
4441 4449 base = ptob(pbase) + kpm_vbase;
4442 4450 size = ptob(pend - pbase);
4443 4451 func(arg, base, size);
4444 4452 }
4445 4453 }
4446 4454
4447 4455 #else /* __xpv */
4448 4456
4449 4457 /*
4450 4458 * There are specific Hypervisor calls to establish and remove mappings
4451 4459 * to grant table references and the privcmd driver. We have to ensure
4452 4460 * that a page table actually exists.
4453 4461 */
4454 4462 void
4455 4463 hat_prepare_mapping(hat_t *hat, caddr_t addr, uint64_t *pte_ma)
4456 4464 {
4457 4465 maddr_t base_ma;
4458 4466 htable_t *ht;
4459 4467 uint_t entry;
4460 4468
4461 4469 ASSERT(IS_P2ALIGNED((uintptr_t)addr, MMU_PAGESIZE));
4462 4470 XPV_DISALLOW_MIGRATE();
4463 4471 ht = htable_create(hat, (uintptr_t)addr, 0, NULL);
4464 4472
4465 4473 /*
4466 4474 * if an address for pte_ma is passed in, return the MA of the pte
4467 4475 * for this specific address. This address is only valid as long
4468 4476 * as the htable stays locked.
4469 4477 */
4470 4478 if (pte_ma != NULL) {
4471 4479 entry = htable_va2entry((uintptr_t)addr, ht);
4472 4480 base_ma = pa_to_ma(ptob(ht->ht_pfn));
4473 4481 *pte_ma = base_ma + (entry << mmu.pte_size_shift);
4474 4482 }
4475 4483 XPV_ALLOW_MIGRATE();
4476 4484 }
4477 4485
4478 4486 void
4479 4487 hat_release_mapping(hat_t *hat, caddr_t addr)
4480 4488 {
4481 4489 htable_t *ht;
4482 4490
4483 4491 ASSERT(IS_P2ALIGNED((uintptr_t)addr, MMU_PAGESIZE));
4484 4492 XPV_DISALLOW_MIGRATE();
4485 4493 ht = htable_lookup(hat, (uintptr_t)addr, 0);
4486 4494 ASSERT(ht != NULL);
4487 4495 ASSERT(ht->ht_busy >= 2);
4488 4496 htable_release(ht);
4489 4497 htable_release(ht);
4490 4498 XPV_ALLOW_MIGRATE();
4491 4499 }
4492 4500 #endif /* __xpv */
|
↓ open down ↓ |
1106 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX