2 * PowerPC64 port by Mike Corrigan and Dave Engebretsen
3 * {mikejc|engebret}@us.ibm.com
5 * Copyright (c) 2000 Mike Corrigan <mikejc@us.ibm.com>
7 * SMP scalability work:
8 * Copyright (C) 2001 Anton Blanchard <anton@au.ibm.com>, IBM
13 * PowerPC Hashed Page Table functions
15 * This program is free software; you can redistribute it and/or
16 * modify it under the terms of the GNU General Public License
17 * as published by the Free Software Foundation; either version
18 * 2 of the License, or (at your option) any later version.
24 #include <linux/spinlock.h>
25 #include <linux/errno.h>
26 #include <linux/sched.h>
27 #include <linux/proc_fs.h>
28 #include <linux/stat.h>
29 #include <linux/sysctl.h>
30 #include <linux/export.h>
31 #include <linux/ctype.h>
32 #include <linux/cache.h>
33 #include <linux/init.h>
34 #include <linux/signal.h>
35 #include <linux/memblock.h>
36 #include <linux/context_tracking.h>
38 #include <asm/processor.h>
39 #include <asm/pgtable.h>
41 #include <asm/mmu_context.h>
43 #include <asm/types.h>
44 #include <asm/uaccess.h>
45 #include <asm/machdep.h>
47 #include <asm/tlbflush.h>
51 #include <asm/cacheflush.h>
52 #include <asm/cputable.h>
53 #include <asm/sections.h>
56 #include <asm/code-patching.h>
57 #include <asm/fadump.h>
58 #include <asm/firmware.h>
62 #define DBG(fmt...) udbg_printf(fmt)
68 #define DBG_LOW(fmt...) udbg_printf(fmt)
70 #define DBG_LOW(fmt...)
78 * Note: pte --> Linux PTE
79 * HPTE --> PowerPC Hashed Page Table Entry
82 * htab_initialize is called with the MMU off (of course), but
83 * the kernel has been copied down to zero so it can directly
84 * reference global data. At this point it is very difficult
85 * to print debug info.
90 extern unsigned long dart_tablebase;
91 #endif /* CONFIG_U3_DART */
93 static unsigned long _SDR1;
94 struct mmu_psize_def mmu_psize_defs[MMU_PAGE_COUNT];
96 struct hash_pte *htab_address;
97 unsigned long htab_size_bytes;
98 unsigned long htab_hash_mask;
99 EXPORT_SYMBOL_GPL(htab_hash_mask);
100 int mmu_linear_psize = MMU_PAGE_4K;
101 int mmu_virtual_psize = MMU_PAGE_4K;
102 int mmu_vmalloc_psize = MMU_PAGE_4K;
103 #ifdef CONFIG_SPARSEMEM_VMEMMAP
104 int mmu_vmemmap_psize = MMU_PAGE_4K;
106 int mmu_io_psize = MMU_PAGE_4K;
107 int mmu_kernel_ssize = MMU_SEGSIZE_256M;
108 int mmu_highuser_ssize = MMU_SEGSIZE_256M;
109 u16 mmu_slb_size = 64;
110 EXPORT_SYMBOL_GPL(mmu_slb_size);
111 #ifdef CONFIG_PPC_64K_PAGES
112 int mmu_ci_restrictions;
114 #ifdef CONFIG_DEBUG_PAGEALLOC
115 static u8 *linear_map_hash_slots;
116 static unsigned long linear_map_hash_count;
117 static DEFINE_SPINLOCK(linear_map_hash_lock);
118 #endif /* CONFIG_DEBUG_PAGEALLOC */
120 /* There are definitions of page sizes arrays to be used when none
121 * is provided by the firmware.
124 /* Pre-POWER4 CPUs (4k pages only)
126 static struct mmu_psize_def mmu_psize_defaults_old[] = {
130 .penc = {[MMU_PAGE_4K] = 0, [1 ... MMU_PAGE_COUNT - 1] = -1},
136 /* POWER4, GPUL, POWER5
138 * Support for 16Mb large pages
140 static struct mmu_psize_def mmu_psize_defaults_gp[] = {
144 .penc = {[MMU_PAGE_4K] = 0, [1 ... MMU_PAGE_COUNT - 1] = -1},
151 .penc = {[0 ... MMU_PAGE_16M - 1] = -1, [MMU_PAGE_16M] = 0,
152 [MMU_PAGE_16M + 1 ... MMU_PAGE_COUNT - 1] = -1 },
158 static unsigned long htab_convert_pte_flags(unsigned long pteflags)
160 unsigned long rflags = pteflags & 0x1fa;
162 /* _PAGE_EXEC -> NOEXEC */
163 if ((pteflags & _PAGE_EXEC) == 0)
166 /* PP bits. PAGE_USER is already PP bit 0x2, so we only
167 * need to add in 0x1 if it's a read-only user page
169 if ((pteflags & _PAGE_USER) && !((pteflags & _PAGE_RW) &&
170 (pteflags & _PAGE_DIRTY)))
173 * Always add "C" bit for perf. Memory coherence is always enabled
175 return rflags | HPTE_R_C | HPTE_R_M;
178 int htab_bolt_mapping(unsigned long vstart, unsigned long vend,
179 unsigned long pstart, unsigned long prot,
180 int psize, int ssize)
182 unsigned long vaddr, paddr;
183 unsigned int step, shift;
186 shift = mmu_psize_defs[psize].shift;
189 prot = htab_convert_pte_flags(prot);
191 DBG("htab_bolt_mapping(%lx..%lx -> %lx (%lx,%d,%d)\n",
192 vstart, vend, pstart, prot, psize, ssize);
194 for (vaddr = vstart, paddr = pstart; vaddr < vend;
195 vaddr += step, paddr += step) {
196 unsigned long hash, hpteg;
197 unsigned long vsid = get_kernel_vsid(vaddr, ssize);
198 unsigned long vpn = hpt_vpn(vaddr, vsid, ssize);
199 unsigned long tprot = prot;
202 * If we hit a bad address return error.
206 /* Make kernel text executable */
207 if (overlaps_kernel_text(vaddr, vaddr + step))
211 * If relocatable, check if it overlaps interrupt vectors that
212 * are copied down to real 0. For relocatable kernel
213 * (e.g. kdump case) we copy interrupt vectors down to real
214 * address 0. Mark that region as executable. This is
215 * because on p8 system with relocation on exception feature
216 * enabled, exceptions are raised with MMU (IR=DR=1) ON. Hence
217 * in order to execute the interrupt handlers in virtual
218 * mode the vector region need to be marked as executable.
220 if ((PHYSICAL_START > MEMORY_START) &&
221 overlaps_interrupt_vector_text(vaddr, vaddr + step))
224 hash = hpt_hash(vpn, shift, ssize);
225 hpteg = ((hash & htab_hash_mask) * HPTES_PER_GROUP);
227 BUG_ON(!ppc_md.hpte_insert);
228 ret = ppc_md.hpte_insert(hpteg, vpn, paddr, tprot,
229 HPTE_V_BOLTED, psize, psize, ssize);
233 #ifdef CONFIG_DEBUG_PAGEALLOC
234 if ((paddr >> PAGE_SHIFT) < linear_map_hash_count)
235 linear_map_hash_slots[paddr >> PAGE_SHIFT] = ret | 0x80;
236 #endif /* CONFIG_DEBUG_PAGEALLOC */
238 return ret < 0 ? ret : 0;
241 #ifdef CONFIG_MEMORY_HOTPLUG
242 static int htab_remove_mapping(unsigned long vstart, unsigned long vend,
243 int psize, int ssize)
246 unsigned int step, shift;
248 shift = mmu_psize_defs[psize].shift;
251 if (!ppc_md.hpte_removebolted) {
252 printk(KERN_WARNING "Platform doesn't implement "
253 "hpte_removebolted\n");
257 for (vaddr = vstart; vaddr < vend; vaddr += step)
258 ppc_md.hpte_removebolted(vaddr, psize, ssize);
262 #endif /* CONFIG_MEMORY_HOTPLUG */
264 static int __init htab_dt_scan_seg_sizes(unsigned long node,
265 const char *uname, int depth,
268 char *type = of_get_flat_dt_prop(node, "device_type", NULL);
270 unsigned long size = 0;
272 /* We are scanning "cpu" nodes only */
273 if (type == NULL || strcmp(type, "cpu") != 0)
276 prop = of_get_flat_dt_prop(node, "ibm,processor-segment-sizes", &size);
279 for (; size >= 4; size -= 4, ++prop) {
280 if (be32_to_cpu(prop[0]) == 40) {
281 DBG("1T segment support detected\n");
282 cur_cpu_spec->mmu_features |= MMU_FTR_1T_SEGMENT;
286 cur_cpu_spec->mmu_features &= ~MMU_FTR_NO_SLBIE_B;
290 static void __init htab_init_seg_sizes(void)
292 of_scan_flat_dt(htab_dt_scan_seg_sizes, NULL);
295 static int __init get_idx_from_shift(unsigned int shift)
319 static int __init htab_dt_scan_page_sizes(unsigned long node,
320 const char *uname, int depth,
323 char *type = of_get_flat_dt_prop(node, "device_type", NULL);
325 unsigned long size = 0;
327 /* We are scanning "cpu" nodes only */
328 if (type == NULL || strcmp(type, "cpu") != 0)
331 prop = of_get_flat_dt_prop(node, "ibm,segment-page-sizes", &size);
333 pr_info("Page sizes from device-tree:\n");
335 cur_cpu_spec->mmu_features &= ~(MMU_FTR_16M_PAGE);
337 unsigned int base_shift = be32_to_cpu(prop[0]);
338 unsigned int slbenc = be32_to_cpu(prop[1]);
339 unsigned int lpnum = be32_to_cpu(prop[2]);
340 struct mmu_psize_def *def;
343 size -= 3; prop += 3;
344 base_idx = get_idx_from_shift(base_shift);
347 * skip the pte encoding also
349 prop += lpnum * 2; size -= lpnum * 2;
352 def = &mmu_psize_defs[base_idx];
353 if (base_idx == MMU_PAGE_16M)
354 cur_cpu_spec->mmu_features |= MMU_FTR_16M_PAGE;
356 def->shift = base_shift;
357 if (base_shift <= 23)
360 def->avpnm = (1 << (base_shift - 23)) - 1;
363 * We don't know for sure what's up with tlbiel, so
364 * for now we only set it for 4K and 64K pages
366 if (base_idx == MMU_PAGE_4K || base_idx == MMU_PAGE_64K)
371 while (size > 0 && lpnum) {
372 unsigned int shift = be32_to_cpu(prop[0]);
373 int penc = be32_to_cpu(prop[1]);
375 prop += 2; size -= 2;
378 idx = get_idx_from_shift(shift);
383 pr_err("Invalid penc for base_shift=%d "
384 "shift=%d\n", base_shift, shift);
386 def->penc[idx] = penc;
387 pr_info("base_shift=%d: shift=%d, sllp=0x%04lx,"
388 " avpnm=0x%08lx, tlbiel=%d, penc=%d\n",
389 base_shift, shift, def->sllp,
390 def->avpnm, def->tlbiel, def->penc[idx]);
398 #ifdef CONFIG_HUGETLB_PAGE
399 /* Scan for 16G memory blocks that have been set aside for huge pages
400 * and reserve those blocks for 16G huge pages.
402 static int __init htab_dt_scan_hugepage_blocks(unsigned long node,
403 const char *uname, int depth,
405 char *type = of_get_flat_dt_prop(node, "device_type", NULL);
407 __be32 *page_count_prop;
408 unsigned int expected_pages;
409 long unsigned int phys_addr;
410 long unsigned int block_size;
412 /* We are scanning "memory" nodes only */
413 if (type == NULL || strcmp(type, "memory") != 0)
416 /* This property is the log base 2 of the number of virtual pages that
417 * will represent this memory block. */
418 page_count_prop = of_get_flat_dt_prop(node, "ibm,expected#pages", NULL);
419 if (page_count_prop == NULL)
421 expected_pages = (1 << be32_to_cpu(page_count_prop[0]));
422 addr_prop = of_get_flat_dt_prop(node, "reg", NULL);
423 if (addr_prop == NULL)
425 phys_addr = be64_to_cpu(addr_prop[0]);
426 block_size = be64_to_cpu(addr_prop[1]);
427 if (block_size != (16 * GB))
429 printk(KERN_INFO "Huge page(16GB) memory: "
430 "addr = 0x%lX size = 0x%lX pages = %d\n",
431 phys_addr, block_size, expected_pages);
432 if (phys_addr + (16 * GB) <= memblock_end_of_DRAM()) {
433 memblock_reserve(phys_addr, block_size * expected_pages);
434 add_gpage(phys_addr, block_size, expected_pages);
438 #endif /* CONFIG_HUGETLB_PAGE */
440 static void mmu_psize_set_default_penc(void)
443 for (bpsize = 0; bpsize < MMU_PAGE_COUNT; bpsize++)
444 for (apsize = 0; apsize < MMU_PAGE_COUNT; apsize++)
445 mmu_psize_defs[bpsize].penc[apsize] = -1;
448 static void __init htab_init_page_sizes(void)
452 /* se the invalid penc to -1 */
453 mmu_psize_set_default_penc();
455 /* Default to 4K pages only */
456 memcpy(mmu_psize_defs, mmu_psize_defaults_old,
457 sizeof(mmu_psize_defaults_old));
460 * Try to find the available page sizes in the device-tree
462 rc = of_scan_flat_dt(htab_dt_scan_page_sizes, NULL);
463 if (rc != 0) /* Found */
467 * Not in the device-tree, let's fallback on known size
468 * list for 16M capable GP & GR
470 if (mmu_has_feature(MMU_FTR_16M_PAGE))
471 memcpy(mmu_psize_defs, mmu_psize_defaults_gp,
472 sizeof(mmu_psize_defaults_gp));
474 #ifndef CONFIG_DEBUG_PAGEALLOC
476 * Pick a size for the linear mapping. Currently, we only support
477 * 16M, 1M and 4K which is the default
479 if (mmu_psize_defs[MMU_PAGE_16M].shift)
480 mmu_linear_psize = MMU_PAGE_16M;
481 else if (mmu_psize_defs[MMU_PAGE_1M].shift)
482 mmu_linear_psize = MMU_PAGE_1M;
483 #endif /* CONFIG_DEBUG_PAGEALLOC */
485 #ifdef CONFIG_PPC_64K_PAGES
487 * Pick a size for the ordinary pages. Default is 4K, we support
488 * 64K for user mappings and vmalloc if supported by the processor.
489 * We only use 64k for ioremap if the processor
490 * (and firmware) support cache-inhibited large pages.
491 * If not, we use 4k and set mmu_ci_restrictions so that
492 * hash_page knows to switch processes that use cache-inhibited
493 * mappings to 4k pages.
495 if (mmu_psize_defs[MMU_PAGE_64K].shift) {
496 mmu_virtual_psize = MMU_PAGE_64K;
497 mmu_vmalloc_psize = MMU_PAGE_64K;
498 if (mmu_linear_psize == MMU_PAGE_4K)
499 mmu_linear_psize = MMU_PAGE_64K;
500 if (mmu_has_feature(MMU_FTR_CI_LARGE_PAGE)) {
502 * Don't use 64k pages for ioremap on pSeries, since
503 * that would stop us accessing the HEA ethernet.
505 if (!machine_is(pseries))
506 mmu_io_psize = MMU_PAGE_64K;
508 mmu_ci_restrictions = 1;
510 #endif /* CONFIG_PPC_64K_PAGES */
512 #ifdef CONFIG_SPARSEMEM_VMEMMAP
513 /* We try to use 16M pages for vmemmap if that is supported
514 * and we have at least 1G of RAM at boot
516 if (mmu_psize_defs[MMU_PAGE_16M].shift &&
517 memblock_phys_mem_size() >= 0x40000000)
518 mmu_vmemmap_psize = MMU_PAGE_16M;
519 else if (mmu_psize_defs[MMU_PAGE_64K].shift)
520 mmu_vmemmap_psize = MMU_PAGE_64K;
522 mmu_vmemmap_psize = MMU_PAGE_4K;
523 #endif /* CONFIG_SPARSEMEM_VMEMMAP */
525 printk(KERN_DEBUG "Page orders: linear mapping = %d, "
526 "virtual = %d, io = %d"
527 #ifdef CONFIG_SPARSEMEM_VMEMMAP
531 mmu_psize_defs[mmu_linear_psize].shift,
532 mmu_psize_defs[mmu_virtual_psize].shift,
533 mmu_psize_defs[mmu_io_psize].shift
534 #ifdef CONFIG_SPARSEMEM_VMEMMAP
535 ,mmu_psize_defs[mmu_vmemmap_psize].shift
539 #ifdef CONFIG_HUGETLB_PAGE
540 /* Reserve 16G huge page memory sections for huge pages */
541 of_scan_flat_dt(htab_dt_scan_hugepage_blocks, NULL);
542 #endif /* CONFIG_HUGETLB_PAGE */
545 static int __init htab_dt_scan_pftsize(unsigned long node,
546 const char *uname, int depth,
549 char *type = of_get_flat_dt_prop(node, "device_type", NULL);
552 /* We are scanning "cpu" nodes only */
553 if (type == NULL || strcmp(type, "cpu") != 0)
556 prop = of_get_flat_dt_prop(node, "ibm,pft-size", NULL);
558 /* pft_size[0] is the NUMA CEC cookie */
559 ppc64_pft_size = be32_to_cpu(prop[1]);
565 static unsigned long __init htab_get_table_size(void)
567 unsigned long mem_size, rnd_mem_size, pteg_count, psize;
569 /* If hash size isn't already provided by the platform, we try to
570 * retrieve it from the device-tree. If it's not there neither, we
571 * calculate it now based on the total RAM size
573 if (ppc64_pft_size == 0)
574 of_scan_flat_dt(htab_dt_scan_pftsize, NULL);
576 return 1UL << ppc64_pft_size;
578 /* round mem_size up to next power of 2 */
579 mem_size = memblock_phys_mem_size();
580 rnd_mem_size = 1UL << __ilog2(mem_size);
581 if (rnd_mem_size < mem_size)
585 psize = mmu_psize_defs[mmu_virtual_psize].shift;
586 pteg_count = max(rnd_mem_size >> (psize + 1), 1UL << 11);
588 return pteg_count << 7;
591 #ifdef CONFIG_MEMORY_HOTPLUG
592 int create_section_mapping(unsigned long start, unsigned long end)
594 return htab_bolt_mapping(start, end, __pa(start),
595 pgprot_val(PAGE_KERNEL), mmu_linear_psize,
599 int remove_section_mapping(unsigned long start, unsigned long end)
601 return htab_remove_mapping(start, end, mmu_linear_psize,
604 #endif /* CONFIG_MEMORY_HOTPLUG */
606 #define FUNCTION_TEXT(A) ((*(unsigned long *)(A)))
608 static void __init htab_finish_init(void)
610 extern unsigned int *htab_call_hpte_insert1;
611 extern unsigned int *htab_call_hpte_insert2;
612 extern unsigned int *htab_call_hpte_remove;
613 extern unsigned int *htab_call_hpte_updatepp;
615 #ifdef CONFIG_PPC_HAS_HASH_64K
616 extern unsigned int *ht64_call_hpte_insert1;
617 extern unsigned int *ht64_call_hpte_insert2;
618 extern unsigned int *ht64_call_hpte_remove;
619 extern unsigned int *ht64_call_hpte_updatepp;
621 patch_branch(ht64_call_hpte_insert1,
622 FUNCTION_TEXT(ppc_md.hpte_insert),
624 patch_branch(ht64_call_hpte_insert2,
625 FUNCTION_TEXT(ppc_md.hpte_insert),
627 patch_branch(ht64_call_hpte_remove,
628 FUNCTION_TEXT(ppc_md.hpte_remove),
630 patch_branch(ht64_call_hpte_updatepp,
631 FUNCTION_TEXT(ppc_md.hpte_updatepp),
634 #endif /* CONFIG_PPC_HAS_HASH_64K */
636 patch_branch(htab_call_hpte_insert1,
637 FUNCTION_TEXT(ppc_md.hpte_insert),
639 patch_branch(htab_call_hpte_insert2,
640 FUNCTION_TEXT(ppc_md.hpte_insert),
642 patch_branch(htab_call_hpte_remove,
643 FUNCTION_TEXT(ppc_md.hpte_remove),
645 patch_branch(htab_call_hpte_updatepp,
646 FUNCTION_TEXT(ppc_md.hpte_updatepp),
650 static void __init htab_initialize(void)
653 unsigned long pteg_count;
655 unsigned long base = 0, size = 0, limit;
656 struct memblock_region *reg;
658 DBG(" -> htab_initialize()\n");
660 /* Initialize segment sizes */
661 htab_init_seg_sizes();
663 /* Initialize page sizes */
664 htab_init_page_sizes();
666 if (mmu_has_feature(MMU_FTR_1T_SEGMENT)) {
667 mmu_kernel_ssize = MMU_SEGSIZE_1T;
668 mmu_highuser_ssize = MMU_SEGSIZE_1T;
669 printk(KERN_INFO "Using 1TB segments\n");
673 * Calculate the required size of the htab. We want the number of
674 * PTEGs to equal one half the number of real pages.
676 htab_size_bytes = htab_get_table_size();
677 pteg_count = htab_size_bytes >> 7;
679 htab_hash_mask = pteg_count - 1;
681 if (firmware_has_feature(FW_FEATURE_LPAR)) {
682 /* Using a hypervisor which owns the htab */
685 #ifdef CONFIG_FA_DUMP
687 * If firmware assisted dump is active firmware preserves
688 * the contents of htab along with entire partition memory.
689 * Clear the htab if firmware assisted dump is active so
690 * that we dont end up using old mappings.
692 if (is_fadump_active() && ppc_md.hpte_clear_all)
693 ppc_md.hpte_clear_all();
696 /* Find storage for the HPT. Must be contiguous in
697 * the absolute address space. On cell we want it to be
698 * in the first 2 Gig so we can use it for IOMMU hacks.
700 if (machine_is(cell))
703 limit = MEMBLOCK_ALLOC_ANYWHERE;
705 table = memblock_alloc_base(htab_size_bytes, htab_size_bytes, limit);
707 DBG("Hash table allocated at %lx, size: %lx\n", table,
710 htab_address = __va(table);
712 /* htab absolute addr + encoded htabsize */
713 _SDR1 = table + __ilog2(pteg_count) - 11;
715 /* Initialize the HPT with no entries */
716 memset((void *)table, 0, htab_size_bytes);
719 mtspr(SPRN_SDR1, _SDR1);
722 prot = pgprot_val(PAGE_KERNEL);
724 #ifdef CONFIG_DEBUG_PAGEALLOC
725 linear_map_hash_count = memblock_end_of_DRAM() >> PAGE_SHIFT;
726 linear_map_hash_slots = __va(memblock_alloc_base(linear_map_hash_count,
728 memset(linear_map_hash_slots, 0, linear_map_hash_count);
729 #endif /* CONFIG_DEBUG_PAGEALLOC */
731 /* On U3 based machines, we need to reserve the DART area and
732 * _NOT_ map it to avoid cache paradoxes as it's remapped non
736 /* create bolted the linear mapping in the hash table */
737 for_each_memblock(memory, reg) {
738 base = (unsigned long)__va(reg->base);
741 DBG("creating mapping for region: %lx..%lx (prot: %lx)\n",
744 #ifdef CONFIG_U3_DART
745 /* Do not map the DART space. Fortunately, it will be aligned
746 * in such a way that it will not cross two memblock regions and
747 * will fit within a single 16Mb page.
748 * The DART space is assumed to be a full 16Mb region even if
749 * we only use 2Mb of that space. We will use more of it later
750 * for AGP GART. We have to use a full 16Mb large page.
752 DBG("DART base: %lx\n", dart_tablebase);
754 if (dart_tablebase != 0 && dart_tablebase >= base
755 && dart_tablebase < (base + size)) {
756 unsigned long dart_table_end = dart_tablebase + 16 * MB;
757 if (base != dart_tablebase)
758 BUG_ON(htab_bolt_mapping(base, dart_tablebase,
762 if ((base + size) > dart_table_end)
763 BUG_ON(htab_bolt_mapping(dart_tablebase+16*MB,
765 __pa(dart_table_end),
771 #endif /* CONFIG_U3_DART */
772 BUG_ON(htab_bolt_mapping(base, base + size, __pa(base),
773 prot, mmu_linear_psize, mmu_kernel_ssize));
775 memblock_set_current_limit(MEMBLOCK_ALLOC_ANYWHERE);
778 * If we have a memory_limit and we've allocated TCEs then we need to
779 * explicitly map the TCE area at the top of RAM. We also cope with the
780 * case that the TCEs start below memory_limit.
781 * tce_alloc_start/end are 16MB aligned so the mapping should work
782 * for either 4K or 16MB pages.
784 if (tce_alloc_start) {
785 tce_alloc_start = (unsigned long)__va(tce_alloc_start);
786 tce_alloc_end = (unsigned long)__va(tce_alloc_end);
788 if (base + size >= tce_alloc_start)
789 tce_alloc_start = base + size + 1;
791 BUG_ON(htab_bolt_mapping(tce_alloc_start, tce_alloc_end,
792 __pa(tce_alloc_start), prot,
793 mmu_linear_psize, mmu_kernel_ssize));
798 DBG(" <- htab_initialize()\n");
803 void __init early_init_mmu(void)
805 /* Setup initial STAB address in the PACA */
806 get_paca()->stab_real = __pa((u64)&initial_stab);
807 get_paca()->stab_addr = (u64)&initial_stab;
809 /* Initialize the MMU Hash table and create the linear mapping
810 * of memory. Has to be done before stab/slb initialization as
811 * this is currently where the page size encoding is obtained
815 /* Initialize stab / SLB management */
816 if (mmu_has_feature(MMU_FTR_SLB))
819 stab_initialize(get_paca()->stab_real);
823 void early_init_mmu_secondary(void)
825 /* Initialize hash table for that CPU */
826 if (!firmware_has_feature(FW_FEATURE_LPAR))
827 mtspr(SPRN_SDR1, _SDR1);
829 /* Initialize STAB/SLB. We use a virtual address as it works
830 * in real mode on pSeries.
832 if (mmu_has_feature(MMU_FTR_SLB))
835 stab_initialize(get_paca()->stab_addr);
837 #endif /* CONFIG_SMP */
840 * Called by asm hashtable.S for doing lazy icache flush
842 unsigned int hash_page_do_lazy_icache(unsigned int pp, pte_t pte, int trap)
846 if (!pfn_valid(pte_pfn(pte)))
849 page = pte_page(pte);
852 if (!test_bit(PG_arch_1, &page->flags) && !PageReserved(page)) {
854 flush_dcache_icache_page(page);
855 set_bit(PG_arch_1, &page->flags);
862 #ifdef CONFIG_PPC_MM_SLICES
863 unsigned int get_paca_psize(unsigned long addr)
866 unsigned char *hpsizes;
867 unsigned long index, mask_index;
869 if (addr < SLICE_LOW_TOP) {
870 lpsizes = get_paca()->context.low_slices_psize;
871 index = GET_LOW_SLICE_INDEX(addr);
872 return (lpsizes >> (index * 4)) & 0xF;
874 hpsizes = get_paca()->context.high_slices_psize;
875 index = GET_HIGH_SLICE_INDEX(addr);
876 mask_index = index & 0x1;
877 return (hpsizes[index >> 1] >> (mask_index * 4)) & 0xF;
881 unsigned int get_paca_psize(unsigned long addr)
883 return get_paca()->context.user_psize;
888 * Demote a segment to using 4k pages.
889 * For now this makes the whole process use 4k pages.
891 #ifdef CONFIG_PPC_64K_PAGES
892 void demote_segment_4k(struct mm_struct *mm, unsigned long addr)
894 if (get_slice_psize(mm, addr) == MMU_PAGE_4K)
896 slice_set_range_psize(mm, addr, 1, MMU_PAGE_4K);
897 #ifdef CONFIG_SPU_BASE
898 spu_flush_all_slbs(mm);
900 if (get_paca_psize(addr) != MMU_PAGE_4K) {
901 get_paca()->context = mm->context;
902 slb_flush_and_rebolt();
905 #endif /* CONFIG_PPC_64K_PAGES */
907 #ifdef CONFIG_PPC_SUBPAGE_PROT
909 * This looks up a 2-bit protection code for a 4k subpage of a 64k page.
910 * Userspace sets the subpage permissions using the subpage_prot system call.
912 * Result is 0: full permissions, _PAGE_RW: read-only,
913 * _PAGE_USER or _PAGE_USER|_PAGE_RW: no access.
915 static int subpage_protection(struct mm_struct *mm, unsigned long ea)
917 struct subpage_prot_table *spt = &mm->context.spt;
921 if (ea >= spt->maxaddr)
923 if (ea < 0x100000000UL) {
924 /* addresses below 4GB use spt->low_prot */
925 sbpm = spt->low_prot;
927 sbpm = spt->protptrs[ea >> SBP_L3_SHIFT];
931 sbpp = sbpm[(ea >> SBP_L2_SHIFT) & (SBP_L2_COUNT - 1)];
934 spp = sbpp[(ea >> PAGE_SHIFT) & (SBP_L1_COUNT - 1)];
936 /* extract 2-bit bitfield for this 4k subpage */
937 spp >>= 30 - 2 * ((ea >> 12) & 0xf);
939 /* turn 0,1,2,3 into combination of _PAGE_USER and _PAGE_RW */
940 spp = ((spp & 2) ? _PAGE_USER : 0) | ((spp & 1) ? _PAGE_RW : 0);
944 #else /* CONFIG_PPC_SUBPAGE_PROT */
945 static inline int subpage_protection(struct mm_struct *mm, unsigned long ea)
951 void hash_failure_debug(unsigned long ea, unsigned long access,
952 unsigned long vsid, unsigned long trap,
953 int ssize, int psize, int lpsize, unsigned long pte)
955 if (!printk_ratelimit())
957 pr_info("mm: Hashing failure ! EA=0x%lx access=0x%lx current=%s\n",
958 ea, access, current->comm);
959 pr_info(" trap=0x%lx vsid=0x%lx ssize=%d base psize=%d psize %d pte=0x%lx\n",
960 trap, vsid, ssize, psize, lpsize, pte);
965 * 1 - normal page fault
966 * -1 - critical hash insertion error
967 * -2 - access not permitted by subpage protection mechanism
969 int hash_page(unsigned long ea, unsigned long access, unsigned long trap)
971 enum ctx_state prev_state = exception_enter();
974 struct mm_struct *mm;
977 const struct cpumask *tmp;
978 int rc, user_region = 0, local = 0;
981 DBG_LOW("hash_page(ea=%016lx, access=%lx, trap=%lx\n",
984 /* Get region & vsid */
985 switch (REGION_ID(ea)) {
990 DBG_LOW(" user region with no mm !\n");
994 psize = get_slice_psize(mm, ea);
995 ssize = user_segment_size(ea);
996 vsid = get_vsid(mm->context.id, ea, ssize);
998 case VMALLOC_REGION_ID:
1000 vsid = get_kernel_vsid(ea, mmu_kernel_ssize);
1001 if (ea < VMALLOC_END)
1002 psize = mmu_vmalloc_psize;
1004 psize = mmu_io_psize;
1005 ssize = mmu_kernel_ssize;
1008 /* Not a valid range
1009 * Send the problem up to do_page_fault
1014 DBG_LOW(" mm=%p, mm->pgdir=%p, vsid=%016lx\n", mm, mm->pgd, vsid);
1018 DBG_LOW("Bad address!\n");
1024 if (pgdir == NULL) {
1029 /* Check CPU locality */
1030 tmp = cpumask_of(smp_processor_id());
1031 if (user_region && cpumask_equal(mm_cpumask(mm), tmp))
1034 #ifndef CONFIG_PPC_64K_PAGES
1035 /* If we use 4K pages and our psize is not 4K, then we might
1036 * be hitting a special driver mapping, and need to align the
1037 * address before we fetch the PTE.
1039 * It could also be a hugepage mapping, in which case this is
1040 * not necessary, but it's not harmful, either.
1042 if (psize != MMU_PAGE_4K)
1043 ea &= ~((1ul << mmu_psize_defs[psize].shift) - 1);
1044 #endif /* CONFIG_PPC_64K_PAGES */
1046 /* Get PTE and page size from page tables */
1047 ptep = find_linux_pte_or_hugepte(pgdir, ea, &hugeshift);
1048 if (ptep == NULL || !pte_present(*ptep)) {
1049 DBG_LOW(" no PTE !\n");
1054 /* Add _PAGE_PRESENT to the required access perm */
1055 access |= _PAGE_PRESENT;
1057 /* Pre-check access permissions (will be re-checked atomically
1058 * in __hash_page_XX but this pre-check is a fast path
1060 if (access & ~pte_val(*ptep)) {
1061 DBG_LOW(" no access !\n");
1067 if (pmd_trans_huge(*(pmd_t *)ptep))
1068 rc = __hash_page_thp(ea, access, vsid, (pmd_t *)ptep,
1069 trap, local, ssize, psize);
1070 #ifdef CONFIG_HUGETLB_PAGE
1072 rc = __hash_page_huge(ea, access, vsid, ptep, trap,
1073 local, ssize, hugeshift, psize);
1077 * if we have hugeshift, and is not transhuge with
1078 * hugetlb disabled, something is really wrong.
1087 #ifndef CONFIG_PPC_64K_PAGES
1088 DBG_LOW(" i-pte: %016lx\n", pte_val(*ptep));
1090 DBG_LOW(" i-pte: %016lx %016lx\n", pte_val(*ptep),
1091 pte_val(*(ptep + PTRS_PER_PTE)));
1093 /* Do actual hashing */
1094 #ifdef CONFIG_PPC_64K_PAGES
1095 /* If _PAGE_4K_PFN is set, make sure this is a 4k segment */
1096 if ((pte_val(*ptep) & _PAGE_4K_PFN) && psize == MMU_PAGE_64K) {
1097 demote_segment_4k(mm, ea);
1098 psize = MMU_PAGE_4K;
1101 /* If this PTE is non-cacheable and we have restrictions on
1102 * using non cacheable large pages, then we switch to 4k
1104 if (mmu_ci_restrictions && psize == MMU_PAGE_64K &&
1105 (pte_val(*ptep) & _PAGE_NO_CACHE)) {
1107 demote_segment_4k(mm, ea);
1108 psize = MMU_PAGE_4K;
1109 } else if (ea < VMALLOC_END) {
1111 * some driver did a non-cacheable mapping
1112 * in vmalloc space, so switch vmalloc
1115 printk(KERN_ALERT "Reducing vmalloc segment "
1116 "to 4kB pages because of "
1117 "non-cacheable mapping\n");
1118 psize = mmu_vmalloc_psize = MMU_PAGE_4K;
1119 #ifdef CONFIG_SPU_BASE
1120 spu_flush_all_slbs(mm);
1125 if (psize != get_paca_psize(ea)) {
1126 get_paca()->context = mm->context;
1127 slb_flush_and_rebolt();
1129 } else if (get_paca()->vmalloc_sllp !=
1130 mmu_psize_defs[mmu_vmalloc_psize].sllp) {
1131 get_paca()->vmalloc_sllp =
1132 mmu_psize_defs[mmu_vmalloc_psize].sllp;
1133 slb_vmalloc_update();
1135 #endif /* CONFIG_PPC_64K_PAGES */
1137 #ifdef CONFIG_PPC_HAS_HASH_64K
1138 if (psize == MMU_PAGE_64K)
1139 rc = __hash_page_64K(ea, access, vsid, ptep, trap, local, ssize);
1141 #endif /* CONFIG_PPC_HAS_HASH_64K */
1143 int spp = subpage_protection(mm, ea);
1147 rc = __hash_page_4K(ea, access, vsid, ptep, trap,
1151 /* Dump some info in case of hash insertion failure, they should
1152 * never happen so it is really useful to know if/when they do
1155 hash_failure_debug(ea, access, vsid, trap, ssize, psize,
1156 psize, pte_val(*ptep));
1157 #ifndef CONFIG_PPC_64K_PAGES
1158 DBG_LOW(" o-pte: %016lx\n", pte_val(*ptep));
1160 DBG_LOW(" o-pte: %016lx %016lx\n", pte_val(*ptep),
1161 pte_val(*(ptep + PTRS_PER_PTE)));
1163 DBG_LOW(" -> rc=%d\n", rc);
1166 exception_exit(prev_state);
1169 EXPORT_SYMBOL_GPL(hash_page);
1171 void hash_preload(struct mm_struct *mm, unsigned long ea,
1172 unsigned long access, unsigned long trap)
1178 unsigned long flags;
1179 int rc, ssize, local = 0;
1181 BUG_ON(REGION_ID(ea) != USER_REGION_ID);
1183 #ifdef CONFIG_PPC_MM_SLICES
1184 /* We only prefault standard pages for now */
1185 if (unlikely(get_slice_psize(mm, ea) != mm->context.user_psize))
1189 DBG_LOW("hash_preload(mm=%p, mm->pgdir=%p, ea=%016lx, access=%lx,"
1190 " trap=%lx\n", mm, mm->pgd, ea, access, trap);
1192 /* Get Linux PTE if available */
1198 ssize = user_segment_size(ea);
1199 vsid = get_vsid(mm->context.id, ea, ssize);
1203 * Hash doesn't like irqs. Walking linux page table with irq disabled
1204 * saves us from holding multiple locks.
1206 local_irq_save(flags);
1209 * THP pages use update_mmu_cache_pmd. We don't do
1210 * hash preload there. Hence can ignore THP here
1212 ptep = find_linux_pte_or_hugepte(pgdir, ea, &hugepage_shift);
1216 WARN_ON(hugepage_shift);
1217 #ifdef CONFIG_PPC_64K_PAGES
1218 /* If either _PAGE_4K_PFN or _PAGE_NO_CACHE is set (and we are on
1219 * a 64K kernel), then we don't preload, hash_page() will take
1220 * care of it once we actually try to access the page.
1221 * That way we don't have to duplicate all of the logic for segment
1222 * page size demotion here
1224 if (pte_val(*ptep) & (_PAGE_4K_PFN | _PAGE_NO_CACHE))
1226 #endif /* CONFIG_PPC_64K_PAGES */
1228 /* Is that local to this CPU ? */
1229 if (cpumask_equal(mm_cpumask(mm), cpumask_of(smp_processor_id())))
1233 #ifdef CONFIG_PPC_HAS_HASH_64K
1234 if (mm->context.user_psize == MMU_PAGE_64K)
1235 rc = __hash_page_64K(ea, access, vsid, ptep, trap, local, ssize);
1237 #endif /* CONFIG_PPC_HAS_HASH_64K */
1238 rc = __hash_page_4K(ea, access, vsid, ptep, trap, local, ssize,
1239 subpage_protection(mm, ea));
1241 /* Dump some info in case of hash insertion failure, they should
1242 * never happen so it is really useful to know if/when they do
1245 hash_failure_debug(ea, access, vsid, trap, ssize,
1246 mm->context.user_psize,
1247 mm->context.user_psize,
1250 local_irq_restore(flags);
1253 /* WARNING: This is called from hash_low_64.S, if you change this prototype,
1254 * do not forget to update the assembly call site !
1256 void flush_hash_page(unsigned long vpn, real_pte_t pte, int psize, int ssize,
1259 unsigned long hash, index, shift, hidx, slot;
1261 DBG_LOW("flush_hash_page(vpn=%016lx)\n", vpn);
1262 pte_iterate_hashed_subpages(pte, psize, vpn, index, shift) {
1263 hash = hpt_hash(vpn, shift, ssize);
1264 hidx = __rpte_to_hidx(pte, index);
1265 if (hidx & _PTEIDX_SECONDARY)
1267 slot = (hash & htab_hash_mask) * HPTES_PER_GROUP;
1268 slot += hidx & _PTEIDX_GROUP_IX;
1269 DBG_LOW(" sub %ld: hash=%lx, hidx=%lx\n", index, slot, hidx);
1271 * We use same base page size and actual psize, because we don't
1272 * use these functions for hugepage
1274 ppc_md.hpte_invalidate(slot, vpn, psize, psize, ssize, local);
1275 } pte_iterate_hashed_end();
1277 #ifdef CONFIG_PPC_TRANSACTIONAL_MEM
1278 /* Transactions are not aborted by tlbiel, only tlbie.
1279 * Without, syncing a page back to a block device w/ PIO could pick up
1280 * transactional data (bad!) so we force an abort here. Before the
1281 * sync the page will be made read-only, which will flush_hash_page.
1282 * BIG ISSUE here: if the kernel uses a page from userspace without
1283 * unmapping it first, it may see the speculated version.
1285 if (local && cpu_has_feature(CPU_FTR_TM) &&
1286 current->thread.regs &&
1287 MSR_TM_ACTIVE(current->thread.regs->msr)) {
1289 tm_abort(TM_CAUSE_TLBI);
1294 void flush_hash_range(unsigned long number, int local)
1296 if (ppc_md.flush_hash_range)
1297 ppc_md.flush_hash_range(number, local);
1300 struct ppc64_tlb_batch *batch =
1301 &__get_cpu_var(ppc64_tlb_batch);
1303 for (i = 0; i < number; i++)
1304 flush_hash_page(batch->vpn[i], batch->pte[i],
1305 batch->psize, batch->ssize, local);
1310 * low_hash_fault is called when we the low level hash code failed
1311 * to instert a PTE due to an hypervisor error
1313 void low_hash_fault(struct pt_regs *regs, unsigned long address, int rc)
1315 enum ctx_state prev_state = exception_enter();
1317 if (user_mode(regs)) {
1318 #ifdef CONFIG_PPC_SUBPAGE_PROT
1320 _exception(SIGSEGV, regs, SEGV_ACCERR, address);
1323 _exception(SIGBUS, regs, BUS_ADRERR, address);
1325 bad_page_fault(regs, address, SIGBUS);
1327 exception_exit(prev_state);
1330 long hpte_insert_repeating(unsigned long hash, unsigned long vpn,
1331 unsigned long pa, unsigned long rflags,
1332 unsigned long vflags, int psize, int ssize)
1334 unsigned long hpte_group;
1338 hpte_group = ((hash & htab_hash_mask) *
1339 HPTES_PER_GROUP) & ~0x7UL;
1341 /* Insert into the hash table, primary slot */
1342 slot = ppc_md.hpte_insert(hpte_group, vpn, pa, rflags, vflags,
1343 psize, psize, ssize);
1345 /* Primary is full, try the secondary */
1346 if (unlikely(slot == -1)) {
1347 hpte_group = ((~hash & htab_hash_mask) *
1348 HPTES_PER_GROUP) & ~0x7UL;
1349 slot = ppc_md.hpte_insert(hpte_group, vpn, pa, rflags,
1350 vflags | HPTE_V_SECONDARY,
1351 psize, psize, ssize);
1354 hpte_group = ((hash & htab_hash_mask) *
1355 HPTES_PER_GROUP)&~0x7UL;
1357 ppc_md.hpte_remove(hpte_group);
1365 #ifdef CONFIG_DEBUG_PAGEALLOC
1366 static void kernel_map_linear_page(unsigned long vaddr, unsigned long lmi)
1369 unsigned long vsid = get_kernel_vsid(vaddr, mmu_kernel_ssize);
1370 unsigned long vpn = hpt_vpn(vaddr, vsid, mmu_kernel_ssize);
1371 unsigned long mode = htab_convert_pte_flags(PAGE_KERNEL);
1374 hash = hpt_hash(vpn, PAGE_SHIFT, mmu_kernel_ssize);
1376 /* Don't create HPTE entries for bad address */
1380 ret = hpte_insert_repeating(hash, vpn, __pa(vaddr), mode,
1382 mmu_linear_psize, mmu_kernel_ssize);
1385 spin_lock(&linear_map_hash_lock);
1386 BUG_ON(linear_map_hash_slots[lmi] & 0x80);
1387 linear_map_hash_slots[lmi] = ret | 0x80;
1388 spin_unlock(&linear_map_hash_lock);
1391 static void kernel_unmap_linear_page(unsigned long vaddr, unsigned long lmi)
1393 unsigned long hash, hidx, slot;
1394 unsigned long vsid = get_kernel_vsid(vaddr, mmu_kernel_ssize);
1395 unsigned long vpn = hpt_vpn(vaddr, vsid, mmu_kernel_ssize);
1397 hash = hpt_hash(vpn, PAGE_SHIFT, mmu_kernel_ssize);
1398 spin_lock(&linear_map_hash_lock);
1399 BUG_ON(!(linear_map_hash_slots[lmi] & 0x80));
1400 hidx = linear_map_hash_slots[lmi] & 0x7f;
1401 linear_map_hash_slots[lmi] = 0;
1402 spin_unlock(&linear_map_hash_lock);
1403 if (hidx & _PTEIDX_SECONDARY)
1405 slot = (hash & htab_hash_mask) * HPTES_PER_GROUP;
1406 slot += hidx & _PTEIDX_GROUP_IX;
1407 ppc_md.hpte_invalidate(slot, vpn, mmu_linear_psize, mmu_linear_psize,
1408 mmu_kernel_ssize, 0);
1411 void kernel_map_pages(struct page *page, int numpages, int enable)
1413 unsigned long flags, vaddr, lmi;
1416 local_irq_save(flags);
1417 for (i = 0; i < numpages; i++, page++) {
1418 vaddr = (unsigned long)page_address(page);
1419 lmi = __pa(vaddr) >> PAGE_SHIFT;
1420 if (lmi >= linear_map_hash_count)
1423 kernel_map_linear_page(vaddr, lmi);
1425 kernel_unmap_linear_page(vaddr, lmi);
1427 local_irq_restore(flags);
1429 #endif /* CONFIG_DEBUG_PAGEALLOC */
1431 void setup_initial_memory_limit(phys_addr_t first_memblock_base,
1432 phys_addr_t first_memblock_size)
1434 /* We don't currently support the first MEMBLOCK not mapping 0
1435 * physical on those processors
1437 BUG_ON(first_memblock_base != 0);
1439 /* On LPAR systems, the first entry is our RMA region,
1440 * non-LPAR 64-bit hash MMU systems don't have a limitation
1441 * on real mode access, but using the first entry works well
1442 * enough. We also clamp it to 1G to avoid some funky things
1443 * such as RTAS bugs etc...
1445 ppc64_rma_size = min_t(u64, first_memblock_size, 0x40000000);
1447 /* Finally limit subsequent allocations */
1448 memblock_set_current_limit(ppc64_rma_size);
projects / cascardo / linux.git / blob