2005-04-16 15:20:36 -07:00
/*
* PowerPC64 port by Mike Corrigan and Dave Engebretsen
* { mikejc | engebret } @ us . ibm . com
*
* Copyright ( c ) 2000 Mike Corrigan < mikejc @ us . ibm . com >
*
* SMP scalability work :
* Copyright ( C ) 2001 Anton Blanchard < anton @ au . ibm . com > , IBM
*
* Module name : htab . c
*
* Description :
* PowerPC Hashed Page Table functions
*
* This program is free software ; you can redistribute it and / or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation ; either version
* 2 of the License , or ( at your option ) any later version .
*/
# undef DEBUG
2005-11-07 11:06:55 +11:00
# undef DEBUG_LOW
2005-04-16 15:20:36 -07:00
# include <linux/spinlock.h>
# include <linux/errno.h>
# include <linux/sched.h>
# include <linux/proc_fs.h>
# include <linux/stat.h>
# include <linux/sysctl.h>
# include <linux/ctype.h>
# include <linux/cache.h>
# include <linux/init.h>
# include <linux/signal.h>
# include <asm/processor.h>
# include <asm/pgtable.h>
# include <asm/mmu.h>
# include <asm/mmu_context.h>
# include <asm/page.h>
# include <asm/types.h>
# include <asm/system.h>
# include <asm/uaccess.h>
# include <asm/machdep.h>
# include <asm/lmb.h>
# include <asm/abs_addr.h>
# include <asm/tlbflush.h>
# include <asm/io.h>
# include <asm/eeh.h>
# include <asm/tlb.h>
# include <asm/cacheflush.h>
# include <asm/cputable.h>
# include <asm/sections.h>
2007-05-08 16:27:27 +10:00
# include <asm/spu.h>
2007-10-30 06:24:19 +11:00
# include <asm/udbg.h>
2005-04-16 15:20:36 -07:00
# ifdef DEBUG
# define DBG(fmt...) udbg_printf(fmt)
# else
# define DBG(fmt...)
# endif
2005-11-07 11:06:55 +11:00
# ifdef DEBUG_LOW
# define DBG_LOW(fmt...) udbg_printf(fmt)
# else
# define DBG_LOW(fmt...)
# endif
# define KB (1024)
# define MB (1024*KB)
2005-04-16 15:20:36 -07:00
/*
* Note : pte - - > Linux PTE
* HPTE - - > PowerPC Hashed Page Table Entry
*
* Execution context :
* htab_initialize is called with the MMU off ( of course ) , but
* the kernel has been copied down to zero so it can directly
* reference global data . At this point it is very difficult
* to print debug info .
*
*/
# ifdef CONFIG_U3_DART
extern unsigned long dart_tablebase ;
# endif /* CONFIG_U3_DART */
2005-11-10 13:37:51 +11:00
static unsigned long _SDR1 ;
struct mmu_psize_def mmu_psize_defs [ MMU_PAGE_COUNT ] ;
2007-06-13 14:52:56 +10:00
struct hash_pte * htab_address ;
2006-02-21 17:22:55 +11:00
unsigned long htab_size_bytes ;
2005-07-13 01:11:42 -07:00
unsigned long htab_hash_mask ;
2005-11-07 11:06:55 +11:00
int mmu_linear_psize = MMU_PAGE_4K ;
int mmu_virtual_psize = MMU_PAGE_4K ;
2006-06-15 10:45:18 +10:00
int mmu_vmalloc_psize = MMU_PAGE_4K ;
int mmu_io_psize = MMU_PAGE_4K ;
2007-10-11 20:37:10 +10:00
int mmu_kernel_ssize = MMU_SEGSIZE_256M ;
int mmu_highuser_ssize = MMU_SEGSIZE_256M ;
2007-12-06 17:24:48 +11:00
u16 mmu_slb_size = 64 ;
2005-11-07 11:06:55 +11:00
# ifdef CONFIG_HUGETLB_PAGE
int mmu_huge_psize = MMU_PAGE_16M ;
unsigned int HPAGE_SHIFT ;
# endif
2006-06-15 10:45:18 +10:00
# ifdef CONFIG_PPC_64K_PAGES
int mmu_ci_restrictions ;
# endif
2007-04-12 15:30:23 +10:00
# ifdef CONFIG_DEBUG_PAGEALLOC
static u8 * linear_map_hash_slots ;
static unsigned long linear_map_hash_count ;
2007-04-18 11:50:09 +10:00
static DEFINE_SPINLOCK ( linear_map_hash_lock ) ;
2007-04-12 15:30:23 +10:00
# endif /* CONFIG_DEBUG_PAGEALLOC */
2005-04-16 15:20:36 -07:00
2005-11-07 11:06:55 +11:00
/* There are definitions of page sizes arrays to be used when none
* is provided by the firmware .
*/
2005-04-16 15:20:36 -07:00
2005-11-07 11:06:55 +11:00
/* Pre-POWER4 CPUs (4k pages only)
*/
struct mmu_psize_def mmu_psize_defaults_old [ ] = {
[ MMU_PAGE_4K ] = {
. shift = 12 ,
. sllp = 0 ,
. penc = 0 ,
. avpnm = 0 ,
. tlbiel = 0 ,
} ,
} ;
/* POWER4, GPUL, POWER5
*
* Support for 16 Mb large pages
*/
struct mmu_psize_def mmu_psize_defaults_gp [ ] = {
[ MMU_PAGE_4K ] = {
. shift = 12 ,
. sllp = 0 ,
. penc = 0 ,
. avpnm = 0 ,
. tlbiel = 1 ,
} ,
[ MMU_PAGE_16M ] = {
. shift = 24 ,
. sllp = SLB_VSID_L ,
. penc = 0 ,
. avpnm = 0x1UL ,
. tlbiel = 0 ,
} ,
} ;
int htab_bolt_mapping ( unsigned long vstart , unsigned long vend ,
2007-10-11 20:37:10 +10:00
unsigned long pstart , unsigned long mode ,
int psize , int ssize )
2005-04-16 15:20:36 -07:00
{
2005-11-07 11:06:55 +11:00
unsigned long vaddr , paddr ;
unsigned int step , shift ;
2005-04-16 15:20:36 -07:00
unsigned long tmp_mode ;
2005-11-07 11:06:55 +11:00
int ret = 0 ;
2005-04-16 15:20:36 -07:00
2005-11-07 11:06:55 +11:00
shift = mmu_psize_defs [ psize ] . shift ;
step = 1 < < shift ;
2005-04-16 15:20:36 -07:00
2005-11-07 11:06:55 +11:00
for ( vaddr = vstart , paddr = pstart ; vaddr < vend ;
vaddr + = step , paddr + = step ) {
2007-04-12 15:30:23 +10:00
unsigned long hash , hpteg ;
2007-10-11 20:37:10 +10:00
unsigned long vsid = get_kernel_vsid ( vaddr , ssize ) ;
unsigned long va = hpt_va ( vaddr , vsid , ssize ) ;
2005-04-16 15:20:36 -07:00
tmp_mode = mode ;
/* Make non-kernel text non-executable */
2005-11-07 11:06:55 +11:00
if ( ! in_kernel_text ( vaddr ) )
tmp_mode = mode | HPTE_R_N ;
2005-04-16 15:20:36 -07:00
2007-10-11 20:37:10 +10:00
hash = hpt_hash ( va , shift , ssize ) ;
2005-04-16 15:20:36 -07:00
hpteg = ( ( hash & htab_hash_mask ) * HPTES_PER_GROUP ) ;
2006-06-23 18:16:39 +10:00
DBG ( " htab_bolt_mapping: calling %p \n " , ppc_md . hpte_insert ) ;
BUG_ON ( ! ppc_md . hpte_insert ) ;
ret = ppc_md . hpte_insert ( hpteg , va , paddr ,
2007-10-11 20:37:10 +10:00
tmp_mode , HPTE_V_BOLTED , psize , ssize ) ;
2006-06-23 18:16:39 +10:00
2005-11-07 11:06:55 +11:00
if ( ret < 0 )
break ;
2007-04-12 15:30:23 +10:00
# ifdef CONFIG_DEBUG_PAGEALLOC
if ( ( paddr > > PAGE_SHIFT ) < linear_map_hash_count )
linear_map_hash_slots [ paddr > > PAGE_SHIFT ] = ret | 0x80 ;
# endif /* CONFIG_DEBUG_PAGEALLOC */
2005-11-07 11:06:55 +11:00
}
return ret < 0 ? ret : 0 ;
}
2005-04-16 15:20:36 -07:00
2007-10-11 20:37:10 +10:00
static int __init htab_dt_scan_seg_sizes ( unsigned long node ,
const char * uname , int depth ,
void * data )
{
char * type = of_get_flat_dt_prop ( node , " device_type " , NULL ) ;
u32 * prop ;
unsigned long size = 0 ;
/* We are scanning "cpu" nodes only */
if ( type = = NULL | | strcmp ( type , " cpu " ) ! = 0 )
return 0 ;
prop = ( u32 * ) of_get_flat_dt_prop ( node , " ibm,processor-segment-sizes " ,
& size ) ;
if ( prop = = NULL )
return 0 ;
for ( ; size > = 4 ; size - = 4 , + + prop ) {
if ( prop [ 0 ] = = 40 ) {
DBG ( " 1T segment support detected \n " ) ;
cur_cpu_spec - > cpu_features | = CPU_FTR_1T_SEGMENT ;
2007-10-12 16:44:55 +10:00
return 1 ;
2007-10-11 20:37:10 +10:00
}
}
2007-10-16 00:58:59 +10:00
cur_cpu_spec - > cpu_features & = ~ CPU_FTR_NO_SLBIE_B ;
2007-10-11 20:37:10 +10:00
return 0 ;
}
static void __init htab_init_seg_sizes ( void )
{
of_scan_flat_dt ( htab_dt_scan_seg_sizes , NULL ) ;
}
2005-11-07 11:06:55 +11:00
static int __init htab_dt_scan_page_sizes ( unsigned long node ,
const char * uname , int depth ,
void * data )
{
char * type = of_get_flat_dt_prop ( node , " device_type " , NULL ) ;
u32 * prop ;
unsigned long size = 0 ;
/* We are scanning "cpu" nodes only */
if ( type = = NULL | | strcmp ( type , " cpu " ) ! = 0 )
return 0 ;
prop = ( u32 * ) of_get_flat_dt_prop ( node ,
" ibm,segment-page-sizes " , & size ) ;
if ( prop ! = NULL ) {
DBG ( " Page sizes from device-tree: \n " ) ;
size / = 4 ;
cur_cpu_spec - > cpu_features & = ~ ( CPU_FTR_16M_PAGE ) ;
while ( size > 0 ) {
unsigned int shift = prop [ 0 ] ;
unsigned int slbenc = prop [ 1 ] ;
unsigned int lpnum = prop [ 2 ] ;
unsigned int lpenc = 0 ;
struct mmu_psize_def * def ;
int idx = - 1 ;
size - = 3 ; prop + = 3 ;
while ( size > 0 & & lpnum ) {
if ( prop [ 0 ] = = shift )
lpenc = prop [ 1 ] ;
prop + = 2 ; size - = 2 ;
lpnum - - ;
}
switch ( shift ) {
case 0xc :
idx = MMU_PAGE_4K ;
break ;
case 0x10 :
idx = MMU_PAGE_64K ;
break ;
case 0x14 :
idx = MMU_PAGE_1M ;
break ;
case 0x18 :
idx = MMU_PAGE_16M ;
cur_cpu_spec - > cpu_features | = CPU_FTR_16M_PAGE ;
break ;
case 0x22 :
idx = MMU_PAGE_16G ;
break ;
}
if ( idx < 0 )
continue ;
def = & mmu_psize_defs [ idx ] ;
def - > shift = shift ;
if ( shift < = 23 )
def - > avpnm = 0 ;
else
def - > avpnm = ( 1 < < ( shift - 23 ) ) - 1 ;
def - > sllp = slbenc ;
def - > penc = lpenc ;
/* We don't know for sure what's up with tlbiel, so
* for now we only set it for 4 K and 64 K pages
*/
if ( idx = = MMU_PAGE_4K | | idx = = MMU_PAGE_64K )
def - > tlbiel = 1 ;
else
def - > tlbiel = 0 ;
DBG ( " %d: shift=%02x, sllp=%04x, avpnm=%08x, "
" tlbiel=%d, penc=%d \n " ,
idx , shift , def - > sllp , def - > avpnm , def - > tlbiel ,
def - > penc ) ;
2005-04-16 15:20:36 -07:00
}
2005-11-07 11:06:55 +11:00
return 1 ;
}
return 0 ;
}
static void __init htab_init_page_sizes ( void )
{
int rc ;
/* Default to 4K pages only */
memcpy ( mmu_psize_defs , mmu_psize_defaults_old ,
sizeof ( mmu_psize_defaults_old ) ) ;
/*
* Try to find the available page sizes in the device - tree
*/
rc = of_scan_flat_dt ( htab_dt_scan_page_sizes , NULL ) ;
if ( rc ! = 0 ) /* Found */
goto found ;
/*
* Not in the device - tree , let ' s fallback on known size
* list for 16 M capable GP & GR
*/
2006-11-30 11:46:22 +11:00
if ( cpu_has_feature ( CPU_FTR_16M_PAGE ) )
2005-11-07 11:06:55 +11:00
memcpy ( mmu_psize_defs , mmu_psize_defaults_gp ,
sizeof ( mmu_psize_defaults_gp ) ) ;
found :
2007-04-12 15:30:23 +10:00
# ifndef CONFIG_DEBUG_PAGEALLOC
2005-11-07 11:06:55 +11:00
/*
* Pick a size for the linear mapping . Currently , we only support
* 16 M , 1 M and 4 K which is the default
*/
if ( mmu_psize_defs [ MMU_PAGE_16M ] . shift )
mmu_linear_psize = MMU_PAGE_16M ;
else if ( mmu_psize_defs [ MMU_PAGE_1M ] . shift )
mmu_linear_psize = MMU_PAGE_1M ;
2007-04-12 15:30:23 +10:00
# endif /* CONFIG_DEBUG_PAGEALLOC */
2005-11-07 11:06:55 +11:00
2006-06-15 10:45:18 +10:00
# ifdef CONFIG_PPC_64K_PAGES
2005-11-07 11:06:55 +11:00
/*
* Pick a size for the ordinary pages . Default is 4 K , we support
2006-06-15 10:45:18 +10:00
* 64 K for user mappings and vmalloc if supported by the processor .
* We only use 64 k for ioremap if the processor
* ( and firmware ) support cache - inhibited large pages .
* If not , we use 4 k and set mmu_ci_restrictions so that
* hash_page knows to switch processes that use cache - inhibited
* mappings to 4 k pages .
2005-11-07 11:06:55 +11:00
*/
2006-06-15 10:45:18 +10:00
if ( mmu_psize_defs [ MMU_PAGE_64K ] . shift ) {
2005-11-07 11:06:55 +11:00
mmu_virtual_psize = MMU_PAGE_64K ;
2006-06-15 10:45:18 +10:00
mmu_vmalloc_psize = MMU_PAGE_64K ;
2007-04-12 15:30:23 +10:00
if ( mmu_linear_psize = = MMU_PAGE_4K )
mmu_linear_psize = MMU_PAGE_64K ;
2006-06-15 10:45:18 +10:00
if ( cpu_has_feature ( CPU_FTR_CI_LARGE_PAGE ) )
mmu_io_psize = MMU_PAGE_64K ;
else
mmu_ci_restrictions = 1 ;
}
2007-04-12 15:30:23 +10:00
# endif /* CONFIG_PPC_64K_PAGES */
2005-11-07 11:06:55 +11:00
2006-06-15 10:45:18 +10:00
printk ( KERN_DEBUG " Page orders: linear mapping = %d, "
" virtual = %d, io = %d \n " ,
2005-11-07 11:06:55 +11:00
mmu_psize_defs [ mmu_linear_psize ] . shift ,
2006-06-15 10:45:18 +10:00
mmu_psize_defs [ mmu_virtual_psize ] . shift ,
mmu_psize_defs [ mmu_io_psize ] . shift ) ;
2005-11-07 11:06:55 +11:00
# ifdef CONFIG_HUGETLB_PAGE
/* Init large page size. Currently, we pick 16M or 1M depending
* on what is available
*/
if ( mmu_psize_defs [ MMU_PAGE_16M ] . shift )
2008-01-04 09:59:50 +11:00
set_huge_psize ( MMU_PAGE_16M ) ;
[PATCH] ppc64: Fix bug in SLB miss handler for hugepages
This patch, however, should be applied on top of the 64k-page-size patch to
fix some problems with hugepage (some pre-existing, another introduced by
this patch).
The patch fixes a bug in the SLB miss handler for hugepages on ppc64
introduced by the dynamic hugepage patch (commit id
c594adad5653491813959277fb87a2fef54c4e05) due to a misunderstanding of the
srd instruction's behaviour (mea culpa). The problem arises when a 64-bit
process maps some hugepages in the low 4GB of the address space (unusual).
In this case, as well as the 256M segment in question being marked for
hugepages, other segments at 32G intervals will be incorrectly marked for
hugepages.
In the process, this patch tweaks the semantics of the hugepage bitmaps to
be more sensible. Previously, an address below 4G was marked for hugepages
if the appropriate segment bit in the "low areas" bitmask was set *or* if
the low bit in the "high areas" bitmap was set (which would mark all
addresses below 1TB for hugepage). With this patch, any given address is
governed by a single bitmap. Addresses below 4GB are marked for hugepage
if and only if their bit is set in the "low areas" bitmap (256M
granularity). Addresses between 4GB and 1TB are marked for hugepage iff
the low bit in the "high areas" bitmap is set. Higher addresses are marked
for hugepage iff their bit in the "high areas" bitmap is set (1TB
granularity).
To avoid conflicts, this patch must be applied on top of BenH's pending
patch for 64k base page size [0]. As such, this patch also addresses a
hugepage problem introduced by that patch. That patch allows hugepages of
1MB in size on hardware which supports it, however, that won't work when
using 4k pages (4 level pagetable), because in that case hugepage PTEs are
stored at the PMD level, and each PMD entry maps 2MB. This patch simply
disallows hugepages in that case (we can do something cleverer to re-enable
them some other day).
Built, booted, and a handful of hugepage related tests passed on POWER5
LPAR (both ARCH=powerpc and ARCH=ppc64).
[0] http://gate.crashing.org/~benh/ppc64-64k-pages.diff
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-07 00:57:52 -08:00
/* With 4k/4level pagetables, we can't (for now) cope with a
* huge page size < PMD_SIZE */
2005-11-07 11:06:55 +11:00
else if ( mmu_psize_defs [ MMU_PAGE_1M ] . shift )
2008-01-04 09:59:50 +11:00
set_huge_psize ( MMU_PAGE_1M ) ;
2005-11-07 11:06:55 +11:00
# endif /* CONFIG_HUGETLB_PAGE */
}
static int __init htab_dt_scan_pftsize ( unsigned long node ,
const char * uname , int depth ,
void * data )
{
char * type = of_get_flat_dt_prop ( node , " device_type " , NULL ) ;
u32 * prop ;
/* We are scanning "cpu" nodes only */
if ( type = = NULL | | strcmp ( type , " cpu " ) ! = 0 )
return 0 ;
prop = ( u32 * ) of_get_flat_dt_prop ( node , " ibm,pft-size " , NULL ) ;
if ( prop ! = NULL ) {
/* pft_size[0] is the NUMA CEC cookie */
ppc64_pft_size = prop [ 1 ] ;
return 1 ;
2005-04-16 15:20:36 -07:00
}
2005-11-07 11:06:55 +11:00
return 0 ;
2005-04-16 15:20:36 -07:00
}
2005-11-07 11:06:55 +11:00
static unsigned long __init htab_get_table_size ( void )
2005-10-12 16:58:53 +10:00
{
2005-11-10 13:37:51 +11:00
unsigned long mem_size , rnd_mem_size , pteg_count ;
2005-10-12 16:58:53 +10:00
2005-11-07 11:06:55 +11:00
/* If hash size isn't already provided by the platform, we try to
2006-01-10 00:10:13 +01:00
* retrieve it from the device - tree . If it ' s not there neither , we
2005-11-07 11:06:55 +11:00
* calculate it now based on the total RAM size
2005-10-12 16:58:53 +10:00
*/
2005-11-07 11:06:55 +11:00
if ( ppc64_pft_size = = 0 )
of_scan_flat_dt ( htab_dt_scan_pftsize , NULL ) ;
2005-10-12 16:58:53 +10:00
if ( ppc64_pft_size )
return 1UL < < ppc64_pft_size ;
/* round mem_size up to next power of 2 */
2005-11-10 13:37:51 +11:00
mem_size = lmb_phys_mem_size ( ) ;
rnd_mem_size = 1UL < < __ilog2 ( mem_size ) ;
if ( rnd_mem_size < mem_size )
2005-10-12 16:58:53 +10:00
rnd_mem_size < < = 1 ;
/* # pages / 2 */
pteg_count = max ( rnd_mem_size > > ( 12 + 1 ) , 1UL < < 11 ) ;
return pteg_count < < 7 ;
}
2005-11-07 16:25:48 -08:00
# ifdef CONFIG_MEMORY_HOTPLUG
void create_section_mapping ( unsigned long start , unsigned long end )
{
2006-03-21 20:45:51 +11:00
BUG_ON ( htab_bolt_mapping ( start , end , __pa ( start ) ,
2005-11-07 16:25:48 -08:00
_PAGE_ACCESSED | _PAGE_DIRTY | _PAGE_COHERENT | PP_RWXX ,
2007-10-11 20:37:10 +10:00
mmu_linear_psize , mmu_kernel_ssize ) ) ;
2005-11-07 16:25:48 -08:00
}
# endif /* CONFIG_MEMORY_HOTPLUG */
2006-06-23 18:16:38 +10:00
static inline void make_bl ( unsigned int * insn_addr , void * func )
{
unsigned long funcp = * ( ( unsigned long * ) func ) ;
int offset = funcp - ( unsigned long ) insn_addr ;
* insn_addr = ( unsigned int ) ( 0x48000001 | ( offset & 0x03fffffc ) ) ;
flush_icache_range ( ( unsigned long ) insn_addr , 4 +
( unsigned long ) insn_addr ) ;
}
static void __init htab_finish_init ( void )
{
extern unsigned int * htab_call_hpte_insert1 ;
extern unsigned int * htab_call_hpte_insert2 ;
extern unsigned int * htab_call_hpte_remove ;
extern unsigned int * htab_call_hpte_updatepp ;
2007-05-08 16:27:28 +10:00
# ifdef CONFIG_PPC_HAS_HASH_64K
2006-06-23 18:16:38 +10:00
extern unsigned int * ht64_call_hpte_insert1 ;
extern unsigned int * ht64_call_hpte_insert2 ;
extern unsigned int * ht64_call_hpte_remove ;
extern unsigned int * ht64_call_hpte_updatepp ;
make_bl ( ht64_call_hpte_insert1 , ppc_md . hpte_insert ) ;
make_bl ( ht64_call_hpte_insert2 , ppc_md . hpte_insert ) ;
make_bl ( ht64_call_hpte_remove , ppc_md . hpte_remove ) ;
make_bl ( ht64_call_hpte_updatepp , ppc_md . hpte_updatepp ) ;
2007-05-17 04:43:02 +10:00
# endif /* CONFIG_PPC_HAS_HASH_64K */
2006-06-23 18:16:38 +10:00
make_bl ( htab_call_hpte_insert1 , ppc_md . hpte_insert ) ;
make_bl ( htab_call_hpte_insert2 , ppc_md . hpte_insert ) ;
make_bl ( htab_call_hpte_remove , ppc_md . hpte_remove ) ;
make_bl ( htab_call_hpte_updatepp , ppc_md . hpte_updatepp ) ;
}
2005-04-16 15:20:36 -07:00
void __init htab_initialize ( void )
{
2006-02-21 17:22:55 +11:00
unsigned long table ;
2005-04-16 15:20:36 -07:00
unsigned long pteg_count ;
unsigned long mode_rw ;
2008-01-30 01:13:59 +11:00
unsigned long base = 0 , size = 0 , limit ;
2005-11-07 11:06:55 +11:00
int i ;
2005-04-16 15:20:36 -07:00
extern unsigned long tce_alloc_start , tce_alloc_end ;
DBG ( " -> htab_initialize() \n " ) ;
2007-10-11 20:37:10 +10:00
/* Initialize segment sizes */
htab_init_seg_sizes ( ) ;
2005-11-07 11:06:55 +11:00
/* Initialize page sizes */
htab_init_page_sizes ( ) ;
2007-10-11 20:37:10 +10:00
if ( cpu_has_feature ( CPU_FTR_1T_SEGMENT ) ) {
mmu_kernel_ssize = MMU_SEGSIZE_1T ;
mmu_highuser_ssize = MMU_SEGSIZE_1T ;
printk ( KERN_INFO " Using 1TB segments \n " ) ;
}
2005-04-16 15:20:36 -07:00
/*
* Calculate the required size of the htab . We want the number of
* PTEGs to equal one half the number of real pages .
*/
2005-11-07 11:06:55 +11:00
htab_size_bytes = htab_get_table_size ( ) ;
2005-04-16 15:20:36 -07:00
pteg_count = htab_size_bytes > > 7 ;
htab_hash_mask = pteg_count - 1 ;
2006-03-21 20:45:59 +11:00
if ( firmware_has_feature ( FW_FEATURE_LPAR ) ) {
2005-04-16 15:20:36 -07:00
/* Using a hypervisor which owns the htab */
htab_address = NULL ;
_SDR1 = 0 ;
} else {
/* Find storage for the HPT. Must be contiguous in
2008-01-30 01:13:59 +11:00
* the absolute address space . On cell we want it to be
* in the first 1 Gig .
2005-04-16 15:20:36 -07:00
*/
2008-01-30 01:13:59 +11:00
if ( machine_is ( cell ) )
limit = 0x40000000 ;
else
limit = 0 ;
table = lmb_alloc_base ( htab_size_bytes , htab_size_bytes , limit ) ;
2005-04-16 15:20:36 -07:00
DBG ( " Hash table allocated at %lx, size: %lx \n " , table ,
htab_size_bytes ) ;
htab_address = abs_to_virt ( table ) ;
/* htab absolute addr + encoded htabsize */
_SDR1 = table + __ilog2 ( pteg_count ) - 11 ;
/* Initialize the HPT with no entries */
memset ( ( void * ) table , 0 , htab_size_bytes ) ;
2005-11-10 13:37:51 +11:00
/* Set SDR1 */
mtspr ( SPRN_SDR1 , _SDR1 ) ;
2005-04-16 15:20:36 -07:00
}
2005-06-21 17:15:55 -07:00
mode_rw = _PAGE_ACCESSED | _PAGE_DIRTY | _PAGE_COHERENT | PP_RWXX ;
2005-04-16 15:20:36 -07:00
2007-04-12 15:30:23 +10:00
# ifdef CONFIG_DEBUG_PAGEALLOC
linear_map_hash_count = lmb_end_of_DRAM ( ) > > PAGE_SHIFT ;
linear_map_hash_slots = __va ( lmb_alloc_base ( linear_map_hash_count ,
1 , lmb . rmo_size ) ) ;
memset ( linear_map_hash_slots , 0 , linear_map_hash_count ) ;
# endif /* CONFIG_DEBUG_PAGEALLOC */
2005-04-16 15:20:36 -07:00
/* On U3 based machines, we need to reserve the DART area and
* _NOT_ map it to avoid cache paradoxes as it ' s remapped non
* cacheable later on
*/
/* create bolted the linear mapping in the hash table */
for ( i = 0 ; i < lmb . memory . cnt ; i + + ) {
2005-12-05 10:24:33 -06:00
base = ( unsigned long ) __va ( lmb . memory . region [ i ] . base ) ;
2005-04-16 15:20:36 -07:00
size = lmb . memory . region [ i ] . size ;
DBG ( " creating mapping for region: %lx : %lx \n " , base , size ) ;
# ifdef CONFIG_U3_DART
/* Do not map the DART space. Fortunately, it will be aligned
2005-11-07 11:06:55 +11:00
* in such a way that it will not cross two lmb regions and
* will fit within a single 16 Mb page .
* The DART space is assumed to be a full 16 Mb region even if
* we only use 2 Mb of that space . We will use more of it later
* for AGP GART . We have to use a full 16 Mb large page .
2005-04-16 15:20:36 -07:00
*/
DBG ( " DART base: %lx \n " , dart_tablebase ) ;
if ( dart_tablebase ! = 0 & & dart_tablebase > = base
& & dart_tablebase < ( base + size ) ) {
2006-03-21 20:45:51 +11:00
unsigned long dart_table_end = dart_tablebase + 16 * MB ;
2005-04-16 15:20:36 -07:00
if ( base ! = dart_tablebase )
2005-11-07 11:06:55 +11:00
BUG_ON ( htab_bolt_mapping ( base , dart_tablebase ,
2006-03-21 20:45:51 +11:00
__pa ( base ) , mode_rw ,
2007-10-11 20:37:10 +10:00
mmu_linear_psize ,
mmu_kernel_ssize ) ) ;
2006-03-21 20:45:51 +11:00
if ( ( base + size ) > dart_table_end )
2005-11-07 11:06:55 +11:00
BUG_ON ( htab_bolt_mapping ( dart_tablebase + 16 * MB ,
2006-03-21 20:45:51 +11:00
base + size ,
__pa ( dart_table_end ) ,
2005-11-07 11:06:55 +11:00
mode_rw ,
2007-10-11 20:37:10 +10:00
mmu_linear_psize ,
mmu_kernel_ssize ) ) ;
2005-04-16 15:20:36 -07:00
continue ;
}
# endif /* CONFIG_U3_DART */
2006-03-21 20:45:51 +11:00
BUG_ON ( htab_bolt_mapping ( base , base + size , __pa ( base ) ,
2007-10-11 20:37:10 +10:00
mode_rw , mmu_linear_psize , mmu_kernel_ssize ) ) ;
2005-11-07 11:06:55 +11:00
}
2005-04-16 15:20:36 -07:00
/*
* If we have a memory_limit and we ' ve allocated TCEs then we need to
* explicitly map the TCE area at the top of RAM . We also cope with the
* case that the TCEs start below memory_limit .
* tce_alloc_start / end are 16 MB aligned so the mapping should work
* for either 4 K or 16 MB pages .
*/
if ( tce_alloc_start ) {
2005-12-05 10:24:33 -06:00
tce_alloc_start = ( unsigned long ) __va ( tce_alloc_start ) ;
tce_alloc_end = ( unsigned long ) __va ( tce_alloc_end ) ;
2005-04-16 15:20:36 -07:00
if ( base + size > = tce_alloc_start )
tce_alloc_start = base + size + 1 ;
2006-03-21 20:45:51 +11:00
BUG_ON ( htab_bolt_mapping ( tce_alloc_start , tce_alloc_end ,
__pa ( tce_alloc_start ) , mode_rw ,
2007-10-11 20:37:10 +10:00
mmu_linear_psize , mmu_kernel_ssize ) ) ;
2005-04-16 15:20:36 -07:00
}
2006-06-23 18:16:38 +10:00
htab_finish_init ( ) ;
2005-04-16 15:20:36 -07:00
DBG ( " <- htab_initialize() \n " ) ;
}
# undef KB
# undef MB
2005-12-29 10:46:29 +11:00
void htab_initialize_secondary ( void )
2005-11-10 13:37:51 +11:00
{
2006-03-21 20:45:59 +11:00
if ( ! firmware_has_feature ( FW_FEATURE_LPAR ) )
2005-11-10 13:37:51 +11:00
mtspr ( SPRN_SDR1 , _SDR1 ) ;
}
2005-04-16 15:20:36 -07:00
/*
* Called by asm hashtable . S for doing lazy icache flush
*/
unsigned int hash_page_do_lazy_icache ( unsigned int pp , pte_t pte , int trap )
{
struct page * page ;
2005-11-08 11:21:05 +11:00
if ( ! pfn_valid ( pte_pfn ( pte ) ) )
return pp ;
2005-04-16 15:20:36 -07:00
page = pte_page ( pte ) ;
/* page is dirty */
if ( ! test_bit ( PG_arch_1 , & page - > flags ) & & ! PageReserved ( page ) ) {
if ( trap = = 0x400 ) {
__flush_dcache_icache ( page_address ( page ) ) ;
set_bit ( PG_arch_1 , & page - > flags ) ;
} else
2005-11-07 11:06:55 +11:00
pp | = HPTE_R_N ;
2005-04-16 15:20:36 -07:00
}
return pp ;
}
[POWERPC] Allow drivers to map individual 4k pages to userspace
Some drivers have resources that they want to be able to map into
userspace that are 4k in size. On a kernel configured with 64k pages
we currently end up mapping the 4k we want plus another 60k of
physical address space, which could contain anything. This can
introduce security problems, for example in the case of an infiniband
adaptor where the other 60k could contain registers that some other
program is using for its communications.
This patch adds a new function, remap_4k_pfn, which drivers can use to
map a single 4k page to userspace regardless of whether the kernel is
using a 4k or a 64k page size. Like remap_pfn_range, it would
typically be called in a driver's mmap function. It only maps a
single 4k page, which on a 64k page kernel appears replicated 16 times
throughout a 64k page. On a 4k page kernel it reduces to a call to
remap_pfn_range.
The way this works on a 64k kernel is that a new bit, _PAGE_4K_PFN,
gets set on the linux PTE. This alters the way that __hash_page_4K
computes the real address to put in the HPTE. The RPN field of the
linux PTE becomes the 4k RPN directly rather than being interpreted as
a 64k RPN. Since the RPN field is 32 bits, this means that physical
addresses being mapped with remap_4k_pfn have to be below 2^44,
i.e. 0x100000000000.
The patch also factors out the code in arch/powerpc/mm/hash_utils_64.c
that deals with demoting a process to use 4k pages into one function
that gets called in the various different places where we need to do
that. There were some discrepancies between exactly what was done in
the various places, such as a call to spu_flush_all_slbs in one case
but not in others.
Signed-off-by: Paul Mackerras <paulus@samba.org>
2007-04-03 21:24:02 +10:00
/*
* Demote a segment to using 4 k pages .
* For now this makes the whole process use 4 k pages .
*/
# ifdef CONFIG_PPC_64K_PAGES
[POWERPC] Provide a way to protect 4k subpages when using 64k pages
Using 64k pages on 64-bit PowerPC systems makes life difficult for
emulators that are trying to emulate an ISA, such as x86, which use a
smaller page size, since the emulator can no longer use the MMU and
the normal system calls for controlling page protections. Of course,
the emulator can emulate the MMU by checking and possibly remapping
the address for each memory access in software, but that is pretty
slow.
This provides a facility for such programs to control the access
permissions on individual 4k sub-pages of 64k pages. The idea is
that the emulator supplies an array of protection masks to apply to a
specified range of virtual addresses. These masks are applied at the
level where hardware PTEs are inserted into the hardware page table
based on the Linux PTEs, so the Linux PTEs are not affected. Note
that this new mechanism does not allow any access that would otherwise
be prohibited; it can only prohibit accesses that would otherwise be
allowed. This new facility is only available on 64-bit PowerPC and
only when the kernel is configured for 64k pages.
The masks are supplied using a new subpage_prot system call, which
takes a starting virtual address and length, and a pointer to an array
of protection masks in memory. The array has a 32-bit word per 64k
page to be protected; each 32-bit word consists of 16 2-bit fields,
for which 0 allows any access (that is otherwise allowed), 1 prevents
write accesses, and 2 or 3 prevent any access.
Implicit in this is that the regions of the address space that are
protected are switched to use 4k hardware pages rather than 64k
hardware pages (on machines with hardware 64k page support). In fact
the whole process is switched to use 4k hardware pages when the
subpage_prot system call is used, but this could be improved in future
to switch only the affected segments.
The subpage protection bits are stored in a 3 level tree akin to the
page table tree. The top level of this tree is stored in a structure
that is appended to the top level of the page table tree, i.e., the
pgd array. Since it will often only be 32-bit addresses (below 4GB)
that are protected, the pointers to the first four bottom level pages
are also stored in this structure (each bottom level page contains the
protection bits for 1GB of address space), so the protection bits for
addresses below 4GB can be accessed with one fewer loads than those
for higher addresses.
Signed-off-by: Paul Mackerras <paulus@samba.org>
2008-01-24 08:35:13 +11:00
void demote_segment_4k ( struct mm_struct * mm , unsigned long addr )
2007-05-08 16:27:27 +10:00
{
[POWERPC] Allow drivers to map individual 4k pages to userspace
Some drivers have resources that they want to be able to map into
userspace that are 4k in size. On a kernel configured with 64k pages
we currently end up mapping the 4k we want plus another 60k of
physical address space, which could contain anything. This can
introduce security problems, for example in the case of an infiniband
adaptor where the other 60k could contain registers that some other
program is using for its communications.
This patch adds a new function, remap_4k_pfn, which drivers can use to
map a single 4k page to userspace regardless of whether the kernel is
using a 4k or a 64k page size. Like remap_pfn_range, it would
typically be called in a driver's mmap function. It only maps a
single 4k page, which on a 64k page kernel appears replicated 16 times
throughout a 64k page. On a 4k page kernel it reduces to a call to
remap_pfn_range.
The way this works on a 64k kernel is that a new bit, _PAGE_4K_PFN,
gets set on the linux PTE. This alters the way that __hash_page_4K
computes the real address to put in the HPTE. The RPN field of the
linux PTE becomes the 4k RPN directly rather than being interpreted as
a 64k RPN. Since the RPN field is 32 bits, this means that physical
addresses being mapped with remap_4k_pfn have to be below 2^44,
i.e. 0x100000000000.
The patch also factors out the code in arch/powerpc/mm/hash_utils_64.c
that deals with demoting a process to use 4k pages into one function
that gets called in the various different places where we need to do
that. There were some discrepancies between exactly what was done in
the various places, such as a call to spu_flush_all_slbs in one case
but not in others.
Signed-off-by: Paul Mackerras <paulus@samba.org>
2007-04-03 21:24:02 +10:00
if ( mm - > context . user_psize = = MMU_PAGE_4K )
return ;
2007-05-08 16:27:27 +10:00
slice_set_user_psize ( mm , MMU_PAGE_4K ) ;
2007-07-17 02:35:38 +10:00
# ifdef CONFIG_SPU_BASE
[POWERPC] Allow drivers to map individual 4k pages to userspace
Some drivers have resources that they want to be able to map into
userspace that are 4k in size. On a kernel configured with 64k pages
we currently end up mapping the 4k we want plus another 60k of
physical address space, which could contain anything. This can
introduce security problems, for example in the case of an infiniband
adaptor where the other 60k could contain registers that some other
program is using for its communications.
This patch adds a new function, remap_4k_pfn, which drivers can use to
map a single 4k page to userspace regardless of whether the kernel is
using a 4k or a 64k page size. Like remap_pfn_range, it would
typically be called in a driver's mmap function. It only maps a
single 4k page, which on a 64k page kernel appears replicated 16 times
throughout a 64k page. On a 4k page kernel it reduces to a call to
remap_pfn_range.
The way this works on a 64k kernel is that a new bit, _PAGE_4K_PFN,
gets set on the linux PTE. This alters the way that __hash_page_4K
computes the real address to put in the HPTE. The RPN field of the
linux PTE becomes the 4k RPN directly rather than being interpreted as
a 64k RPN. Since the RPN field is 32 bits, this means that physical
addresses being mapped with remap_4k_pfn have to be below 2^44,
i.e. 0x100000000000.
The patch also factors out the code in arch/powerpc/mm/hash_utils_64.c
that deals with demoting a process to use 4k pages into one function
that gets called in the various different places where we need to do
that. There were some discrepancies between exactly what was done in
the various places, such as a call to spu_flush_all_slbs in one case
but not in others.
Signed-off-by: Paul Mackerras <paulus@samba.org>
2007-04-03 21:24:02 +10:00
spu_flush_all_slbs ( mm ) ;
# endif
[POWERPC] Provide a way to protect 4k subpages when using 64k pages
Using 64k pages on 64-bit PowerPC systems makes life difficult for
emulators that are trying to emulate an ISA, such as x86, which use a
smaller page size, since the emulator can no longer use the MMU and
the normal system calls for controlling page protections. Of course,
the emulator can emulate the MMU by checking and possibly remapping
the address for each memory access in software, but that is pretty
slow.
This provides a facility for such programs to control the access
permissions on individual 4k sub-pages of 64k pages. The idea is
that the emulator supplies an array of protection masks to apply to a
specified range of virtual addresses. These masks are applied at the
level where hardware PTEs are inserted into the hardware page table
based on the Linux PTEs, so the Linux PTEs are not affected. Note
that this new mechanism does not allow any access that would otherwise
be prohibited; it can only prohibit accesses that would otherwise be
allowed. This new facility is only available on 64-bit PowerPC and
only when the kernel is configured for 64k pages.
The masks are supplied using a new subpage_prot system call, which
takes a starting virtual address and length, and a pointer to an array
of protection masks in memory. The array has a 32-bit word per 64k
page to be protected; each 32-bit word consists of 16 2-bit fields,
for which 0 allows any access (that is otherwise allowed), 1 prevents
write accesses, and 2 or 3 prevent any access.
Implicit in this is that the regions of the address space that are
protected are switched to use 4k hardware pages rather than 64k
hardware pages (on machines with hardware 64k page support). In fact
the whole process is switched to use 4k hardware pages when the
subpage_prot system call is used, but this could be improved in future
to switch only the affected segments.
The subpage protection bits are stored in a 3 level tree akin to the
page table tree. The top level of this tree is stored in a structure
that is appended to the top level of the page table tree, i.e., the
pgd array. Since it will often only be 32-bit addresses (below 4GB)
that are protected, the pointers to the first four bottom level pages
are also stored in this structure (each bottom level page contains the
protection bits for 1GB of address space), so the protection bits for
addresses below 4GB can be accessed with one fewer loads than those
for higher addresses.
Signed-off-by: Paul Mackerras <paulus@samba.org>
2008-01-24 08:35:13 +11:00
if ( get_paca ( ) - > context . user_psize ! = MMU_PAGE_4K ) {
get_paca ( ) - > context = mm - > context ;
slb_flush_and_rebolt ( ) ;
}
[POWERPC] Allow drivers to map individual 4k pages to userspace
Some drivers have resources that they want to be able to map into
userspace that are 4k in size. On a kernel configured with 64k pages
we currently end up mapping the 4k we want plus another 60k of
physical address space, which could contain anything. This can
introduce security problems, for example in the case of an infiniband
adaptor where the other 60k could contain registers that some other
program is using for its communications.
This patch adds a new function, remap_4k_pfn, which drivers can use to
map a single 4k page to userspace regardless of whether the kernel is
using a 4k or a 64k page size. Like remap_pfn_range, it would
typically be called in a driver's mmap function. It only maps a
single 4k page, which on a 64k page kernel appears replicated 16 times
throughout a 64k page. On a 4k page kernel it reduces to a call to
remap_pfn_range.
The way this works on a 64k kernel is that a new bit, _PAGE_4K_PFN,
gets set on the linux PTE. This alters the way that __hash_page_4K
computes the real address to put in the HPTE. The RPN field of the
linux PTE becomes the 4k RPN directly rather than being interpreted as
a 64k RPN. Since the RPN field is 32 bits, this means that physical
addresses being mapped with remap_4k_pfn have to be below 2^44,
i.e. 0x100000000000.
The patch also factors out the code in arch/powerpc/mm/hash_utils_64.c
that deals with demoting a process to use 4k pages into one function
that gets called in the various different places where we need to do
that. There were some discrepancies between exactly what was done in
the various places, such as a call to spu_flush_all_slbs in one case
but not in others.
Signed-off-by: Paul Mackerras <paulus@samba.org>
2007-04-03 21:24:02 +10:00
}
2007-05-08 16:27:27 +10:00
# endif /* CONFIG_PPC_64K_PAGES */
[POWERPC] Allow drivers to map individual 4k pages to userspace
Some drivers have resources that they want to be able to map into
userspace that are 4k in size. On a kernel configured with 64k pages
we currently end up mapping the 4k we want plus another 60k of
physical address space, which could contain anything. This can
introduce security problems, for example in the case of an infiniband
adaptor where the other 60k could contain registers that some other
program is using for its communications.
This patch adds a new function, remap_4k_pfn, which drivers can use to
map a single 4k page to userspace regardless of whether the kernel is
using a 4k or a 64k page size. Like remap_pfn_range, it would
typically be called in a driver's mmap function. It only maps a
single 4k page, which on a 64k page kernel appears replicated 16 times
throughout a 64k page. On a 4k page kernel it reduces to a call to
remap_pfn_range.
The way this works on a 64k kernel is that a new bit, _PAGE_4K_PFN,
gets set on the linux PTE. This alters the way that __hash_page_4K
computes the real address to put in the HPTE. The RPN field of the
linux PTE becomes the 4k RPN directly rather than being interpreted as
a 64k RPN. Since the RPN field is 32 bits, this means that physical
addresses being mapped with remap_4k_pfn have to be below 2^44,
i.e. 0x100000000000.
The patch also factors out the code in arch/powerpc/mm/hash_utils_64.c
that deals with demoting a process to use 4k pages into one function
that gets called in the various different places where we need to do
that. There were some discrepancies between exactly what was done in
the various places, such as a call to spu_flush_all_slbs in one case
but not in others.
Signed-off-by: Paul Mackerras <paulus@samba.org>
2007-04-03 21:24:02 +10:00
[POWERPC] Provide a way to protect 4k subpages when using 64k pages
Using 64k pages on 64-bit PowerPC systems makes life difficult for
emulators that are trying to emulate an ISA, such as x86, which use a
smaller page size, since the emulator can no longer use the MMU and
the normal system calls for controlling page protections. Of course,
the emulator can emulate the MMU by checking and possibly remapping
the address for each memory access in software, but that is pretty
slow.
This provides a facility for such programs to control the access
permissions on individual 4k sub-pages of 64k pages. The idea is
that the emulator supplies an array of protection masks to apply to a
specified range of virtual addresses. These masks are applied at the
level where hardware PTEs are inserted into the hardware page table
based on the Linux PTEs, so the Linux PTEs are not affected. Note
that this new mechanism does not allow any access that would otherwise
be prohibited; it can only prohibit accesses that would otherwise be
allowed. This new facility is only available on 64-bit PowerPC and
only when the kernel is configured for 64k pages.
The masks are supplied using a new subpage_prot system call, which
takes a starting virtual address and length, and a pointer to an array
of protection masks in memory. The array has a 32-bit word per 64k
page to be protected; each 32-bit word consists of 16 2-bit fields,
for which 0 allows any access (that is otherwise allowed), 1 prevents
write accesses, and 2 or 3 prevent any access.
Implicit in this is that the regions of the address space that are
protected are switched to use 4k hardware pages rather than 64k
hardware pages (on machines with hardware 64k page support). In fact
the whole process is switched to use 4k hardware pages when the
subpage_prot system call is used, but this could be improved in future
to switch only the affected segments.
The subpage protection bits are stored in a 3 level tree akin to the
page table tree. The top level of this tree is stored in a structure
that is appended to the top level of the page table tree, i.e., the
pgd array. Since it will often only be 32-bit addresses (below 4GB)
that are protected, the pointers to the first four bottom level pages
are also stored in this structure (each bottom level page contains the
protection bits for 1GB of address space), so the protection bits for
addresses below 4GB can be accessed with one fewer loads than those
for higher addresses.
Signed-off-by: Paul Mackerras <paulus@samba.org>
2008-01-24 08:35:13 +11:00
# ifdef CONFIG_PPC_SUBPAGE_PROT
/*
* This looks up a 2 - bit protection code for a 4 k subpage of a 64 k page .
* Userspace sets the subpage permissions using the subpage_prot system call .
*
* Result is 0 : full permissions , _PAGE_RW : read - only ,
* _PAGE_USER or _PAGE_USER | _PAGE_RW : no access .
*/
static int subpage_protection ( pgd_t * pgdir , unsigned long ea )
{
struct subpage_prot_table * spt = pgd_subpage_prot ( pgdir ) ;
u32 spp = 0 ;
u32 * * sbpm , * sbpp ;
if ( ea > = spt - > maxaddr )
return 0 ;
if ( ea < 0x100000000 ) {
/* addresses below 4GB use spt->low_prot */
sbpm = spt - > low_prot ;
} else {
sbpm = spt - > protptrs [ ea > > SBP_L3_SHIFT ] ;
if ( ! sbpm )
return 0 ;
}
sbpp = sbpm [ ( ea > > SBP_L2_SHIFT ) & ( SBP_L2_COUNT - 1 ) ] ;
if ( ! sbpp )
return 0 ;
spp = sbpp [ ( ea > > PAGE_SHIFT ) & ( SBP_L1_COUNT - 1 ) ] ;
/* extract 2-bit bitfield for this 4k subpage */
spp > > = 30 - 2 * ( ( ea > > 12 ) & 0xf ) ;
/* turn 0,1,2,3 into combination of _PAGE_USER and _PAGE_RW */
spp = ( ( spp & 2 ) ? _PAGE_USER : 0 ) | ( ( spp & 1 ) ? _PAGE_RW : 0 ) ;
return spp ;
}
# else /* CONFIG_PPC_SUBPAGE_PROT */
static inline int subpage_protection ( pgd_t * pgdir , unsigned long ea )
{
return 0 ;
}
# endif
2005-04-16 15:20:36 -07:00
/* Result code is:
* 0 - handled
* 1 - normal page fault
* - 1 - critical hash insertion error
[POWERPC] Provide a way to protect 4k subpages when using 64k pages
Using 64k pages on 64-bit PowerPC systems makes life difficult for
emulators that are trying to emulate an ISA, such as x86, which use a
smaller page size, since the emulator can no longer use the MMU and
the normal system calls for controlling page protections. Of course,
the emulator can emulate the MMU by checking and possibly remapping
the address for each memory access in software, but that is pretty
slow.
This provides a facility for such programs to control the access
permissions on individual 4k sub-pages of 64k pages. The idea is
that the emulator supplies an array of protection masks to apply to a
specified range of virtual addresses. These masks are applied at the
level where hardware PTEs are inserted into the hardware page table
based on the Linux PTEs, so the Linux PTEs are not affected. Note
that this new mechanism does not allow any access that would otherwise
be prohibited; it can only prohibit accesses that would otherwise be
allowed. This new facility is only available on 64-bit PowerPC and
only when the kernel is configured for 64k pages.
The masks are supplied using a new subpage_prot system call, which
takes a starting virtual address and length, and a pointer to an array
of protection masks in memory. The array has a 32-bit word per 64k
page to be protected; each 32-bit word consists of 16 2-bit fields,
for which 0 allows any access (that is otherwise allowed), 1 prevents
write accesses, and 2 or 3 prevent any access.
Implicit in this is that the regions of the address space that are
protected are switched to use 4k hardware pages rather than 64k
hardware pages (on machines with hardware 64k page support). In fact
the whole process is switched to use 4k hardware pages when the
subpage_prot system call is used, but this could be improved in future
to switch only the affected segments.
The subpage protection bits are stored in a 3 level tree akin to the
page table tree. The top level of this tree is stored in a structure
that is appended to the top level of the page table tree, i.e., the
pgd array. Since it will often only be 32-bit addresses (below 4GB)
that are protected, the pointers to the first four bottom level pages
are also stored in this structure (each bottom level page contains the
protection bits for 1GB of address space), so the protection bits for
addresses below 4GB can be accessed with one fewer loads than those
for higher addresses.
Signed-off-by: Paul Mackerras <paulus@samba.org>
2008-01-24 08:35:13 +11:00
* - 2 - access not permitted by subpage protection mechanism
2005-04-16 15:20:36 -07:00
*/
int hash_page ( unsigned long ea , unsigned long access , unsigned long trap )
{
void * pgdir ;
unsigned long vsid ;
struct mm_struct * mm ;
pte_t * ptep ;
cpumask_t tmp ;
2005-11-07 11:06:55 +11:00
int rc , user_region = 0 , local = 0 ;
2007-10-11 20:37:10 +10:00
int psize , ssize ;
2005-04-16 15:20:36 -07:00
2005-11-07 11:06:55 +11:00
DBG_LOW ( " hash_page(ea=%016lx, access=%lx, trap=%lx \n " ,
ea , access , trap ) ;
2005-05-05 16:15:13 -07:00
2005-11-07 11:06:55 +11:00
if ( ( ea & ~ REGION_MASK ) > = PGTABLE_RANGE ) {
DBG_LOW ( " out of pgtable range ! \n " ) ;
return 1 ;
}
/* Get region & vsid */
2005-04-16 15:20:36 -07:00
switch ( REGION_ID ( ea ) ) {
case USER_REGION_ID :
user_region = 1 ;
mm = current - > mm ;
2005-11-07 11:06:55 +11:00
if ( ! mm ) {
DBG_LOW ( " user region with no mm ! \n " ) ;
2005-04-16 15:20:36 -07:00
return 1 ;
2005-11-07 11:06:55 +11:00
}
2007-05-08 16:27:28 +10:00
# ifdef CONFIG_PPC_MM_SLICES
psize = get_slice_psize ( mm , ea ) ;
# else
2006-06-15 10:45:18 +10:00
psize = mm - > context . user_psize ;
2007-05-08 16:27:28 +10:00
# endif
2007-10-11 20:37:10 +10:00
ssize = user_segment_size ( ea ) ;
vsid = get_vsid ( mm - > context . id , ea , ssize ) ;
2005-04-16 15:20:36 -07:00
break ;
case VMALLOC_REGION_ID :
mm = & init_mm ;
2007-10-11 20:37:10 +10:00
vsid = get_kernel_vsid ( ea , mmu_kernel_ssize ) ;
2006-06-15 10:45:18 +10:00
if ( ea < VMALLOC_END )
psize = mmu_vmalloc_psize ;
else
psize = mmu_io_psize ;
2007-10-11 20:37:10 +10:00
ssize = mmu_kernel_ssize ;
2005-04-16 15:20:36 -07:00
break ;
default :
/* Not a valid range
* Send the problem up to do_page_fault
*/
return 1 ;
}
2005-11-07 11:06:55 +11:00
DBG_LOW ( " mm=%p, mm->pgdir=%p, vsid=%016lx \n " , mm , mm - > pgd , vsid ) ;
2005-04-16 15:20:36 -07:00
2005-11-07 11:06:55 +11:00
/* Get pgdir */
2005-04-16 15:20:36 -07:00
pgdir = mm - > pgd ;
if ( pgdir = = NULL )
return 1 ;
2005-11-07 11:06:55 +11:00
/* Check CPU locality */
2005-04-16 15:20:36 -07:00
tmp = cpumask_of_cpu ( smp_processor_id ( ) ) ;
if ( user_region & & cpus_equal ( mm - > cpu_vm_mask , tmp ) )
local = 1 ;
2007-05-08 16:27:27 +10:00
# ifdef CONFIG_HUGETLB_PAGE
2005-11-07 11:06:55 +11:00
/* Handle hugepage regions */
2007-05-08 16:27:28 +10:00
if ( HPAGE_SHIFT & & psize = = mmu_huge_psize ) {
2005-11-07 11:06:55 +11:00
DBG_LOW ( " -> huge page ! \n " ) ;
2005-12-09 14:20:52 +11:00
return hash_huge_page ( mm , access , ea , vsid , local , trap ) ;
2005-11-07 11:06:55 +11:00
}
2007-05-08 16:27:27 +10:00
# endif /* CONFIG_HUGETLB_PAGE */
2005-11-07 11:06:55 +11:00
2007-05-08 16:27:28 +10:00
# ifndef CONFIG_PPC_64K_PAGES
/* If we use 4K pages and our psize is not 4K, then we are hitting
* a special driver mapping , we need to align the address before
* we fetch the PTE
*/
if ( psize ! = MMU_PAGE_4K )
ea & = ~ ( ( 1ul < < mmu_psize_defs [ psize ] . shift ) - 1 ) ;
# endif /* CONFIG_PPC_64K_PAGES */
2005-11-07 11:06:55 +11:00
/* Get PTE and page size from page tables */
ptep = find_linux_pte ( pgdir , ea ) ;
if ( ptep = = NULL | | ! pte_present ( * ptep ) ) {
DBG_LOW ( " no PTE ! \n " ) ;
return 1 ;
}
# ifndef CONFIG_PPC_64K_PAGES
DBG_LOW ( " i-pte: %016lx \n " , pte_val ( * ptep ) ) ;
# else
DBG_LOW ( " i-pte: %016lx %016lx \n " , pte_val ( * ptep ) ,
pte_val ( * ( ptep + PTRS_PER_PTE ) ) ) ;
# endif
/* Pre-check access permissions (will be re-checked atomically
* in __hash_page_XX but this pre - check is a fast path
*/
if ( access & ~ pte_val ( * ptep ) ) {
DBG_LOW ( " no access ! \n " ) ;
return 1 ;
2005-04-16 15:20:36 -07:00
}
2005-11-07 11:06:55 +11:00
/* Do actual hashing */
2007-05-08 16:27:28 +10:00
# ifdef CONFIG_PPC_64K_PAGES
[POWERPC] Allow drivers to map individual 4k pages to userspace
Some drivers have resources that they want to be able to map into
userspace that are 4k in size. On a kernel configured with 64k pages
we currently end up mapping the 4k we want plus another 60k of
physical address space, which could contain anything. This can
introduce security problems, for example in the case of an infiniband
adaptor where the other 60k could contain registers that some other
program is using for its communications.
This patch adds a new function, remap_4k_pfn, which drivers can use to
map a single 4k page to userspace regardless of whether the kernel is
using a 4k or a 64k page size. Like remap_pfn_range, it would
typically be called in a driver's mmap function. It only maps a
single 4k page, which on a 64k page kernel appears replicated 16 times
throughout a 64k page. On a 4k page kernel it reduces to a call to
remap_pfn_range.
The way this works on a 64k kernel is that a new bit, _PAGE_4K_PFN,
gets set on the linux PTE. This alters the way that __hash_page_4K
computes the real address to put in the HPTE. The RPN field of the
linux PTE becomes the 4k RPN directly rather than being interpreted as
a 64k RPN. Since the RPN field is 32 bits, this means that physical
addresses being mapped with remap_4k_pfn have to be below 2^44,
i.e. 0x100000000000.
The patch also factors out the code in arch/powerpc/mm/hash_utils_64.c
that deals with demoting a process to use 4k pages into one function
that gets called in the various different places where we need to do
that. There were some discrepancies between exactly what was done in
the various places, such as a call to spu_flush_all_slbs in one case
but not in others.
Signed-off-by: Paul Mackerras <paulus@samba.org>
2007-04-03 21:24:02 +10:00
/* If _PAGE_4K_PFN is set, make sure this is a 4k segment */
if ( pte_val ( * ptep ) & _PAGE_4K_PFN ) {
demote_segment_4k ( mm , ea ) ;
psize = MMU_PAGE_4K ;
}
2007-05-08 16:27:27 +10:00
/* If this PTE is non-cacheable and we have restrictions on
* using non cacheable large pages , then we switch to 4 k
*/
if ( mmu_ci_restrictions & & psize = = MMU_PAGE_64K & &
( pte_val ( * ptep ) & _PAGE_NO_CACHE ) ) {
if ( user_region ) {
demote_segment_4k ( mm , ea ) ;
psize = MMU_PAGE_4K ;
} else if ( ea < VMALLOC_END ) {
/*
* some driver did a non - cacheable mapping
* in vmalloc space , so switch vmalloc
* to 4 k pages
*/
printk ( KERN_ALERT " Reducing vmalloc segment "
" to 4kB pages because of "
" non-cacheable mapping \n " ) ;
psize = mmu_vmalloc_psize = MMU_PAGE_4K ;
2007-07-17 02:35:38 +10:00
# ifdef CONFIG_SPU_BASE
2007-03-10 00:05:37 +01:00
spu_flush_all_slbs ( mm ) ;
# endif
2006-06-15 10:45:18 +10:00
}
2007-05-08 16:27:27 +10:00
}
if ( user_region ) {
if ( psize ! = get_paca ( ) - > context . user_psize ) {
2007-10-29 12:05:18 +11:00
get_paca ( ) - > context = mm - > context ;
2006-06-15 10:45:18 +10:00
slb_flush_and_rebolt ( ) ;
}
2007-05-08 16:27:27 +10:00
} else if ( get_paca ( ) - > vmalloc_sllp ! =
mmu_psize_defs [ mmu_vmalloc_psize ] . sllp ) {
get_paca ( ) - > vmalloc_sllp =
mmu_psize_defs [ mmu_vmalloc_psize ] . sllp ;
2007-08-03 11:55:39 +10:00
slb_vmalloc_update ( ) ;
2006-06-15 10:45:18 +10:00
}
2007-05-08 16:27:28 +10:00
# endif /* CONFIG_PPC_64K_PAGES */
2007-05-08 16:27:27 +10:00
2007-05-08 16:27:28 +10:00
# ifdef CONFIG_PPC_HAS_HASH_64K
2006-06-15 10:45:18 +10:00
if ( psize = = MMU_PAGE_64K )
2007-10-11 20:37:10 +10:00
rc = __hash_page_64K ( ea , access , vsid , ptep , trap , local , ssize ) ;
2005-11-07 11:06:55 +11:00
else
2007-05-08 16:27:28 +10:00
# endif /* CONFIG_PPC_HAS_HASH_64K */
[POWERPC] Provide a way to protect 4k subpages when using 64k pages
Using 64k pages on 64-bit PowerPC systems makes life difficult for
emulators that are trying to emulate an ISA, such as x86, which use a
smaller page size, since the emulator can no longer use the MMU and
the normal system calls for controlling page protections. Of course,
the emulator can emulate the MMU by checking and possibly remapping
the address for each memory access in software, but that is pretty
slow.
This provides a facility for such programs to control the access
permissions on individual 4k sub-pages of 64k pages. The idea is
that the emulator supplies an array of protection masks to apply to a
specified range of virtual addresses. These masks are applied at the
level where hardware PTEs are inserted into the hardware page table
based on the Linux PTEs, so the Linux PTEs are not affected. Note
that this new mechanism does not allow any access that would otherwise
be prohibited; it can only prohibit accesses that would otherwise be
allowed. This new facility is only available on 64-bit PowerPC and
only when the kernel is configured for 64k pages.
The masks are supplied using a new subpage_prot system call, which
takes a starting virtual address and length, and a pointer to an array
of protection masks in memory. The array has a 32-bit word per 64k
page to be protected; each 32-bit word consists of 16 2-bit fields,
for which 0 allows any access (that is otherwise allowed), 1 prevents
write accesses, and 2 or 3 prevent any access.
Implicit in this is that the regions of the address space that are
protected are switched to use 4k hardware pages rather than 64k
hardware pages (on machines with hardware 64k page support). In fact
the whole process is switched to use 4k hardware pages when the
subpage_prot system call is used, but this could be improved in future
to switch only the affected segments.
The subpage protection bits are stored in a 3 level tree akin to the
page table tree. The top level of this tree is stored in a structure
that is appended to the top level of the page table tree, i.e., the
pgd array. Since it will often only be 32-bit addresses (below 4GB)
that are protected, the pointers to the first four bottom level pages
are also stored in this structure (each bottom level page contains the
protection bits for 1GB of address space), so the protection bits for
addresses below 4GB can be accessed with one fewer loads than those
for higher addresses.
Signed-off-by: Paul Mackerras <paulus@samba.org>
2008-01-24 08:35:13 +11:00
{
int spp = subpage_protection ( pgdir , ea ) ;
if ( access & spp )
rc = - 2 ;
else
rc = __hash_page_4K ( ea , access , vsid , ptep , trap ,
local , ssize , spp ) ;
}
2005-11-07 11:06:55 +11:00
# ifndef CONFIG_PPC_64K_PAGES
DBG_LOW ( " o-pte: %016lx \n " , pte_val ( * ptep ) ) ;
# else
DBG_LOW ( " o-pte: %016lx %016lx \n " , pte_val ( * ptep ) ,
pte_val ( * ( ptep + PTRS_PER_PTE ) ) ) ;
# endif
DBG_LOW ( " -> rc=%d \n " , rc ) ;
return rc ;
2005-04-16 15:20:36 -07:00
}
2005-11-15 15:53:48 -05:00
EXPORT_SYMBOL_GPL ( hash_page ) ;
2005-04-16 15:20:36 -07:00
2005-11-07 11:06:55 +11:00
void hash_preload ( struct mm_struct * mm , unsigned long ea ,
unsigned long access , unsigned long trap )
2005-04-16 15:20:36 -07:00
{
2005-11-07 11:06:55 +11:00
unsigned long vsid ;
void * pgdir ;
pte_t * ptep ;
cpumask_t mask ;
unsigned long flags ;
int local = 0 ;
2007-10-11 20:37:10 +10:00
int ssize ;
2005-11-07 11:06:55 +11:00
2007-05-08 16:27:27 +10:00
BUG_ON ( REGION_ID ( ea ) ! = USER_REGION_ID ) ;
# ifdef CONFIG_PPC_MM_SLICES
/* We only prefault standard pages for now */
2007-08-16 08:03:35 +10:00
if ( unlikely ( get_slice_psize ( mm , ea ) ! = mm - > context . user_psize ) )
2005-11-07 11:06:55 +11:00
return ;
2007-05-08 16:27:27 +10:00
# endif
2005-11-07 11:06:55 +11:00
DBG_LOW ( " hash_preload(mm=%p, mm->pgdir=%p, ea=%016lx, access=%lx, "
" trap=%lx \n " , mm , mm - > pgd , ea , access , trap ) ;
2005-04-16 15:20:36 -07:00
2007-05-08 16:27:27 +10:00
/* Get Linux PTE if available */
2005-11-07 11:06:55 +11:00
pgdir = mm - > pgd ;
if ( pgdir = = NULL )
return ;
ptep = find_linux_pte ( pgdir , ea ) ;
if ( ! ptep )
return ;
2007-05-08 16:27:27 +10:00
# ifdef CONFIG_PPC_64K_PAGES
/* If either _PAGE_4K_PFN or _PAGE_NO_CACHE is set (and we are on
* a 64 K kernel ) , then we don ' t preload , hash_page ( ) will take
* care of it once we actually try to access the page .
* That way we don ' t have to duplicate all of the logic for segment
* page size demotion here
*/
if ( pte_val ( * ptep ) & ( _PAGE_4K_PFN | _PAGE_NO_CACHE ) )
return ;
# endif /* CONFIG_PPC_64K_PAGES */
/* Get VSID */
2007-10-11 20:37:10 +10:00
ssize = user_segment_size ( ea ) ;
vsid = get_vsid ( mm - > context . id , ea , ssize ) ;
2005-11-07 11:06:55 +11:00
2007-05-08 16:27:28 +10:00
/* Hash doesn't like irqs */
2005-11-07 11:06:55 +11:00
local_irq_save ( flags ) ;
2007-05-08 16:27:28 +10:00
/* Is that local to this CPU ? */
2005-11-07 11:06:55 +11:00
mask = cpumask_of_cpu ( smp_processor_id ( ) ) ;
if ( cpus_equal ( mm - > cpu_vm_mask , mask ) )
local = 1 ;
2007-05-08 16:27:28 +10:00
/* Hash it in */
# ifdef CONFIG_PPC_HAS_HASH_64K
2006-06-15 10:45:18 +10:00
if ( mm - > context . user_psize = = MMU_PAGE_64K )
2007-10-11 20:37:10 +10:00
__hash_page_64K ( ea , access , vsid , ptep , trap , local , ssize ) ;
2005-04-16 15:20:36 -07:00
else
2007-05-17 04:43:02 +10:00
# endif /* CONFIG_PPC_HAS_HASH_64K */
[POWERPC] Provide a way to protect 4k subpages when using 64k pages
Using 64k pages on 64-bit PowerPC systems makes life difficult for
emulators that are trying to emulate an ISA, such as x86, which use a
smaller page size, since the emulator can no longer use the MMU and
the normal system calls for controlling page protections. Of course,
the emulator can emulate the MMU by checking and possibly remapping
the address for each memory access in software, but that is pretty
slow.
This provides a facility for such programs to control the access
permissions on individual 4k sub-pages of 64k pages. The idea is
that the emulator supplies an array of protection masks to apply to a
specified range of virtual addresses. These masks are applied at the
level where hardware PTEs are inserted into the hardware page table
based on the Linux PTEs, so the Linux PTEs are not affected. Note
that this new mechanism does not allow any access that would otherwise
be prohibited; it can only prohibit accesses that would otherwise be
allowed. This new facility is only available on 64-bit PowerPC and
only when the kernel is configured for 64k pages.
The masks are supplied using a new subpage_prot system call, which
takes a starting virtual address and length, and a pointer to an array
of protection masks in memory. The array has a 32-bit word per 64k
page to be protected; each 32-bit word consists of 16 2-bit fields,
for which 0 allows any access (that is otherwise allowed), 1 prevents
write accesses, and 2 or 3 prevent any access.
Implicit in this is that the regions of the address space that are
protected are switched to use 4k hardware pages rather than 64k
hardware pages (on machines with hardware 64k page support). In fact
the whole process is switched to use 4k hardware pages when the
subpage_prot system call is used, but this could be improved in future
to switch only the affected segments.
The subpage protection bits are stored in a 3 level tree akin to the
page table tree. The top level of this tree is stored in a structure
that is appended to the top level of the page table tree, i.e., the
pgd array. Since it will often only be 32-bit addresses (below 4GB)
that are protected, the pointers to the first four bottom level pages
are also stored in this structure (each bottom level page contains the
protection bits for 1GB of address space), so the protection bits for
addresses below 4GB can be accessed with one fewer loads than those
for higher addresses.
Signed-off-by: Paul Mackerras <paulus@samba.org>
2008-01-24 08:35:13 +11:00
__hash_page_4K ( ea , access , vsid , ptep , trap , local , ssize ,
subpage_protection ( pgdir , ea ) ) ;
2007-05-08 16:27:28 +10:00
2005-11-07 11:06:55 +11:00
local_irq_restore ( flags ) ;
}
2007-10-29 12:05:18 +11:00
/* WARNING: This is called from hash_low_64.S, if you change this prototype,
* do not forget to update the assembly call site !
*/
2007-10-11 20:37:10 +10:00
void flush_hash_page ( unsigned long va , real_pte_t pte , int psize , int ssize ,
int local )
2005-11-07 11:06:55 +11:00
{
unsigned long hash , index , shift , hidx , slot ;
DBG_LOW ( " flush_hash_page(va=%016x) \n " , va ) ;
pte_iterate_hashed_subpages ( pte , psize , va , index , shift ) {
2007-10-11 20:37:10 +10:00
hash = hpt_hash ( va , shift , ssize ) ;
2005-11-07 11:06:55 +11:00
hidx = __rpte_to_hidx ( pte , index ) ;
if ( hidx & _PTEIDX_SECONDARY )
hash = ~ hash ;
slot = ( hash & htab_hash_mask ) * HPTES_PER_GROUP ;
slot + = hidx & _PTEIDX_GROUP_IX ;
DBG_LOW ( " sub %d: hash=%x, hidx=%x \n " , index , slot , hidx ) ;
2007-10-11 20:37:10 +10:00
ppc_md . hpte_invalidate ( slot , va , psize , ssize , local ) ;
2005-11-07 11:06:55 +11:00
} pte_iterate_hashed_end ( ) ;
2005-04-16 15:20:36 -07:00
}
2005-09-20 13:52:50 +10:00
void flush_hash_range ( unsigned long number , int local )
2005-04-16 15:20:36 -07:00
{
2005-11-07 11:06:55 +11:00
if ( ppc_md . flush_hash_range )
2005-09-20 13:52:50 +10:00
ppc_md . flush_hash_range ( number , local ) ;
2005-11-07 11:06:55 +11:00
else {
2005-04-16 15:20:36 -07:00
int i ;
2005-09-20 13:52:50 +10:00
struct ppc64_tlb_batch * batch =
& __get_cpu_var ( ppc64_tlb_batch ) ;
2005-04-16 15:20:36 -07:00
for ( i = 0 ; i < number ; i + + )
2005-11-07 11:06:55 +11:00
flush_hash_page ( batch - > vaddr [ i ] , batch - > pte [ i ] ,
2007-10-11 20:37:10 +10:00
batch - > psize , batch - > ssize , local ) ;
2005-04-16 15:20:36 -07:00
}
}
/*
* low_hash_fault is called when we the low level hash code failed
* to instert a PTE due to an hypervisor error
*/
[POWERPC] Provide a way to protect 4k subpages when using 64k pages
Using 64k pages on 64-bit PowerPC systems makes life difficult for
emulators that are trying to emulate an ISA, such as x86, which use a
smaller page size, since the emulator can no longer use the MMU and
the normal system calls for controlling page protections. Of course,
the emulator can emulate the MMU by checking and possibly remapping
the address for each memory access in software, but that is pretty
slow.
This provides a facility for such programs to control the access
permissions on individual 4k sub-pages of 64k pages. The idea is
that the emulator supplies an array of protection masks to apply to a
specified range of virtual addresses. These masks are applied at the
level where hardware PTEs are inserted into the hardware page table
based on the Linux PTEs, so the Linux PTEs are not affected. Note
that this new mechanism does not allow any access that would otherwise
be prohibited; it can only prohibit accesses that would otherwise be
allowed. This new facility is only available on 64-bit PowerPC and
only when the kernel is configured for 64k pages.
The masks are supplied using a new subpage_prot system call, which
takes a starting virtual address and length, and a pointer to an array
of protection masks in memory. The array has a 32-bit word per 64k
page to be protected; each 32-bit word consists of 16 2-bit fields,
for which 0 allows any access (that is otherwise allowed), 1 prevents
write accesses, and 2 or 3 prevent any access.
Implicit in this is that the regions of the address space that are
protected are switched to use 4k hardware pages rather than 64k
hardware pages (on machines with hardware 64k page support). In fact
the whole process is switched to use 4k hardware pages when the
subpage_prot system call is used, but this could be improved in future
to switch only the affected segments.
The subpage protection bits are stored in a 3 level tree akin to the
page table tree. The top level of this tree is stored in a structure
that is appended to the top level of the page table tree, i.e., the
pgd array. Since it will often only be 32-bit addresses (below 4GB)
that are protected, the pointers to the first four bottom level pages
are also stored in this structure (each bottom level page contains the
protection bits for 1GB of address space), so the protection bits for
addresses below 4GB can be accessed with one fewer loads than those
for higher addresses.
Signed-off-by: Paul Mackerras <paulus@samba.org>
2008-01-24 08:35:13 +11:00
void low_hash_fault ( struct pt_regs * regs , unsigned long address , int rc )
2005-04-16 15:20:36 -07:00
{
if ( user_mode ( regs ) ) {
[POWERPC] Provide a way to protect 4k subpages when using 64k pages
Using 64k pages on 64-bit PowerPC systems makes life difficult for
emulators that are trying to emulate an ISA, such as x86, which use a
smaller page size, since the emulator can no longer use the MMU and
the normal system calls for controlling page protections. Of course,
the emulator can emulate the MMU by checking and possibly remapping
the address for each memory access in software, but that is pretty
slow.
This provides a facility for such programs to control the access
permissions on individual 4k sub-pages of 64k pages. The idea is
that the emulator supplies an array of protection masks to apply to a
specified range of virtual addresses. These masks are applied at the
level where hardware PTEs are inserted into the hardware page table
based on the Linux PTEs, so the Linux PTEs are not affected. Note
that this new mechanism does not allow any access that would otherwise
be prohibited; it can only prohibit accesses that would otherwise be
allowed. This new facility is only available on 64-bit PowerPC and
only when the kernel is configured for 64k pages.
The masks are supplied using a new subpage_prot system call, which
takes a starting virtual address and length, and a pointer to an array
of protection masks in memory. The array has a 32-bit word per 64k
page to be protected; each 32-bit word consists of 16 2-bit fields,
for which 0 allows any access (that is otherwise allowed), 1 prevents
write accesses, and 2 or 3 prevent any access.
Implicit in this is that the regions of the address space that are
protected are switched to use 4k hardware pages rather than 64k
hardware pages (on machines with hardware 64k page support). In fact
the whole process is switched to use 4k hardware pages when the
subpage_prot system call is used, but this could be improved in future
to switch only the affected segments.
The subpage protection bits are stored in a 3 level tree akin to the
page table tree. The top level of this tree is stored in a structure
that is appended to the top level of the page table tree, i.e., the
pgd array. Since it will often only be 32-bit addresses (below 4GB)
that are protected, the pointers to the first four bottom level pages
are also stored in this structure (each bottom level page contains the
protection bits for 1GB of address space), so the protection bits for
addresses below 4GB can be accessed with one fewer loads than those
for higher addresses.
Signed-off-by: Paul Mackerras <paulus@samba.org>
2008-01-24 08:35:13 +11:00
# ifdef CONFIG_PPC_SUBPAGE_PROT
if ( rc = = - 2 )
_exception ( SIGSEGV , regs , SEGV_ACCERR , address ) ;
else
# endif
_exception ( SIGBUS , regs , BUS_ADRERR , address ) ;
} else
bad_page_fault ( regs , address , SIGBUS ) ;
2005-04-16 15:20:36 -07:00
}
2007-04-12 15:30:23 +10:00
# ifdef CONFIG_DEBUG_PAGEALLOC
static void kernel_map_linear_page ( unsigned long vaddr , unsigned long lmi )
{
2007-10-11 20:37:10 +10:00
unsigned long hash , hpteg ;
unsigned long vsid = get_kernel_vsid ( vaddr , mmu_kernel_ssize ) ;
unsigned long va = hpt_va ( vaddr , vsid , mmu_kernel_ssize ) ;
2007-04-12 15:30:23 +10:00
unsigned long mode = _PAGE_ACCESSED | _PAGE_DIRTY |
_PAGE_COHERENT | PP_RWXX | HPTE_R_N ;
int ret ;
2007-10-11 20:37:10 +10:00
hash = hpt_hash ( va , PAGE_SHIFT , mmu_kernel_ssize ) ;
2007-04-12 15:30:23 +10:00
hpteg = ( ( hash & htab_hash_mask ) * HPTES_PER_GROUP ) ;
ret = ppc_md . hpte_insert ( hpteg , va , __pa ( vaddr ) ,
2007-10-11 20:37:10 +10:00
mode , HPTE_V_BOLTED ,
mmu_linear_psize , mmu_kernel_ssize ) ;
2007-04-12 15:30:23 +10:00
BUG_ON ( ret < 0 ) ;
spin_lock ( & linear_map_hash_lock ) ;
BUG_ON ( linear_map_hash_slots [ lmi ] & 0x80 ) ;
linear_map_hash_slots [ lmi ] = ret | 0x80 ;
spin_unlock ( & linear_map_hash_lock ) ;
}
static void kernel_unmap_linear_page ( unsigned long vaddr , unsigned long lmi )
{
2007-10-11 20:37:10 +10:00
unsigned long hash , hidx , slot ;
unsigned long vsid = get_kernel_vsid ( vaddr , mmu_kernel_ssize ) ;
unsigned long va = hpt_va ( vaddr , vsid , mmu_kernel_ssize ) ;
2007-04-12 15:30:23 +10:00
2007-10-11 20:37:10 +10:00
hash = hpt_hash ( va , PAGE_SHIFT , mmu_kernel_ssize ) ;
2007-04-12 15:30:23 +10:00
spin_lock ( & linear_map_hash_lock ) ;
BUG_ON ( ! ( linear_map_hash_slots [ lmi ] & 0x80 ) ) ;
hidx = linear_map_hash_slots [ lmi ] & 0x7f ;
linear_map_hash_slots [ lmi ] = 0 ;
spin_unlock ( & linear_map_hash_lock ) ;
if ( hidx & _PTEIDX_SECONDARY )
hash = ~ hash ;
slot = ( hash & htab_hash_mask ) * HPTES_PER_GROUP ;
slot + = hidx & _PTEIDX_GROUP_IX ;
2007-10-11 20:37:10 +10:00
ppc_md . hpte_invalidate ( slot , va , mmu_linear_psize , mmu_kernel_ssize , 0 ) ;
2007-04-12 15:30:23 +10:00
}
void kernel_map_pages ( struct page * page , int numpages , int enable )
{
unsigned long flags , vaddr , lmi ;
int i ;
local_irq_save ( flags ) ;
for ( i = 0 ; i < numpages ; i + + , page + + ) {
vaddr = ( unsigned long ) page_address ( page ) ;
lmi = __pa ( vaddr ) > > PAGE_SHIFT ;
if ( lmi > = linear_map_hash_count )
continue ;
if ( enable )
kernel_map_linear_page ( vaddr , lmi ) ;
else
kernel_unmap_linear_page ( vaddr , lmi ) ;
}
local_irq_restore ( flags ) ;
}
# endif /* CONFIG_DEBUG_PAGEALLOC */