1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 *
25 * Copyright 2018 Joyent, Inc.
26 */
27
28 #include <sys/t_lock.h>
29 #include <sys/memlist.h>
30 #include <sys/cpuvar.h>
31 #include <sys/vmem.h>
32 #include <sys/mman.h>
33 #include <sys/vm.h>
34 #include <sys/kmem.h>
35 #include <sys/cmn_err.h>
36 #include <sys/debug.h>
37 #include <sys/vm_machparam.h>
38 #include <sys/tss.h>
39 #include <sys/vnode.h>
40 #include <vm/hat.h>
41 #include <vm/anon.h>
42 #include <vm/as.h>
43 #include <vm/page.h>
44 #include <vm/seg.h>
45 #include <vm/seg_kmem.h>
46 #include <vm/seg_map.h>
47 #include <vm/hat_i86.h>
48 #include <sys/promif.h>
49 #include <sys/x86_archext.h>
50 #include <sys/systm.h>
51 #include <sys/archsystm.h>
52 #include <sys/sunddi.h>
53 #include <sys/ddidmareq.h>
54 #include <sys/controlregs.h>
55 #include <sys/reboot.h>
56 #include <sys/kdi.h>
57 #include <sys/bootconf.h>
58 #include <sys/bootsvcs.h>
59 #include <sys/bootinfo.h>
60 #include <vm/kboot_mmu.h>
61
62 #ifdef __xpv
63 #include <sys/hypervisor.h>
64 #endif
65
66 #define ON_USER_HAT(cpu) \
67 ((cpu)->cpu_m.mcpu_current_hat != NULL && \
68 (cpu)->cpu_m.mcpu_current_hat != kas.a_hat)
69
70 /*
71 * Flag is not set early in boot. Once it is set we are no longer
72 * using boot's page tables.
73 */
74 uint_t khat_running = 0;
75
76 /*
77 * This procedure is callable only while the boot loader is in charge of the
78 * MMU. It assumes that PA == VA for page table pointers. It doesn't live in
79 * kboot_mmu.c since it's used from common code.
80 */
81 pfn_t
82 va_to_pfn(void *vaddr)
83 {
84 uintptr_t des_va = ALIGN2PAGE(vaddr);
85 uintptr_t va = des_va;
86 size_t len;
87 uint_t prot;
88 pfn_t pfn;
89
90 if (khat_running)
91 panic("va_to_pfn(): called too late\n");
92
93 if (kbm_probe(&va, &len, &pfn, &prot) == 0)
94 return (PFN_INVALID);
95 if (va > des_va)
96 return (PFN_INVALID);
97 if (va < des_va)
98 pfn += mmu_btop(des_va - va);
99 return (pfn);
100 }
101
102 /*
103 * Initialize a special area in the kernel that always holds some PTEs for
104 * faster performance. This always holds segmap's PTEs.
105 * In the 32 bit kernel this maps the kernel heap too.
106 */
107 void
108 hat_kmap_init(uintptr_t base, size_t len)
109 {
110 uintptr_t map_addr; /* base rounded down to large page size */
111 uintptr_t map_eaddr; /* base + len rounded up */
112 size_t map_len;
113 caddr_t ptes; /* mapping area in kernel for kmap ptes */
114 size_t window_size; /* size of mapping area for ptes */
115 ulong_t htable_cnt; /* # of page tables to cover map_len */
116 ulong_t i;
117 htable_t *ht;
118 uintptr_t va;
119
120 /*
121 * We have to map in an area that matches an entire page table.
122 * The PTEs are large page aligned to avoid spurious pagefaults
123 * on the hypervisor.
124 */
125 map_addr = base & LEVEL_MASK(1);
126 map_eaddr = (base + len + LEVEL_SIZE(1) - 1) & LEVEL_MASK(1);
127 map_len = map_eaddr - map_addr;
128 window_size = mmu_btop(map_len) * mmu.pte_size;
129 window_size = (window_size + LEVEL_SIZE(1)) & LEVEL_MASK(1);
130 htable_cnt = map_len >> LEVEL_SHIFT(1);
131
132 /*
133 * allocate vmem for the kmap_ptes
134 */
135 ptes = vmem_xalloc(heap_arena, window_size, LEVEL_SIZE(1), 0,
136 0, NULL, NULL, VM_SLEEP);
137 mmu.kmap_htables =
138 kmem_alloc(htable_cnt * sizeof (htable_t *), KM_SLEEP);
139
140 /*
141 * Map the page tables that cover kmap into the allocated range.
142 * Note we don't ever htable_release() the kmap page tables - they
143 * can't ever be stolen, freed, etc.
144 */
145 for (va = map_addr, i = 0; i < htable_cnt; va += LEVEL_SIZE(1), ++i) {
146 ht = htable_create(kas.a_hat, va, 0, NULL);
147 if (ht == NULL)
148 panic("hat_kmap_init: ht == NULL");
149 mmu.kmap_htables[i] = ht;
150
151 hat_devload(kas.a_hat, ptes + i * MMU_PAGESIZE,
152 MMU_PAGESIZE, ht->ht_pfn,
153 #ifdef __xpv
154 PROT_READ | HAT_NOSYNC | HAT_UNORDERED_OK,
155 #else
156 PROT_READ | PROT_WRITE | HAT_NOSYNC | HAT_UNORDERED_OK,
157 #endif
158 HAT_LOAD | HAT_LOAD_NOCONSIST);
159 }
160
161 /*
162 * set information in mmu to activate handling of kmap
163 */
164 mmu.kmap_addr = map_addr;
165 mmu.kmap_eaddr = map_eaddr;
166 mmu.kmap_ptes = (x86pte_t *)ptes;
167 }
168
169 extern caddr_t kpm_vbase;
170 extern size_t kpm_size;
171
172 #ifdef __xpv
173 /*
174 * Create the initial segkpm mappings for the hypervisor. To avoid having
175 * to deal with page tables being read only, we make all mappings
176 * read only at first.
177 */
178 static void
179 xen_kpm_create(paddr_t paddr, level_t lvl)
180 {
181 ulong_t pg_off;
182
183 for (pg_off = 0; pg_off < LEVEL_SIZE(lvl); pg_off += MMU_PAGESIZE) {
184 kbm_map((uintptr_t)kpm_vbase + paddr, (paddr_t)0, 0, 1);
185 kbm_read_only((uintptr_t)kpm_vbase + paddr + pg_off,
186 paddr + pg_off);
187 }
188 }
189
190 /*
191 * Try to make all kpm mappings writable. Failures are ok, as those
192 * are just pagetable, GDT, etc. pages.
193 */
194 static void
195 xen_kpm_finish_init(void)
196 {
197 pfn_t gdtpfn = mmu_btop(CPU->cpu_m.mcpu_gdtpa);
198 pfn_t pfn;
199 page_t *pp;
200
201 for (pfn = 0; pfn < mfn_count; ++pfn) {
202 /*
203 * skip gdt
204 */
205 if (pfn == gdtpfn)
206 continue;
207
208 /*
209 * p_index is a hint that this is a pagetable
210 */
211 pp = page_numtopp_nolock(pfn);
212 if (pp && pp->p_index) {
213 pp->p_index = 0;
214 continue;
215 }
216 (void) xen_kpm_page(pfn, PT_VALID | PT_WRITABLE);
217 }
218 }
219 #endif
220
221 /*
222 * Routine to pre-allocate data structures for hat_kern_setup(). It computes
223 * how many pagetables it needs by walking the boot loader's page tables.
224 */
225 /*ARGSUSED*/
226 void
227 hat_kern_alloc(
228 caddr_t segmap_base,
229 size_t segmap_size,
230 caddr_t ekernelheap)
231 {
232 uintptr_t last_va = (uintptr_t)-1; /* catch 1st time */
233 uintptr_t va = 0;
234 size_t size;
235 pfn_t pfn;
236 uint_t prot;
237 uint_t table_cnt = 1;
238 uint_t mapping_cnt;
239 level_t start_level;
240 level_t l;
241 struct memlist *pmem;
242 level_t lpagel = mmu.max_page_level;
243 uint64_t paddr;
244 int64_t psize;
245 int nwindows;
246
247 if (kpm_size > 0) {
248 /*
249 * Create the kpm page tables. When running on the
250 * hypervisor these are made read/only at first.
251 * Later we'll add write permission where possible.
252 */
253 for (pmem = phys_install; pmem; pmem = pmem->ml_next) {
254 paddr = pmem->ml_address;
255 psize = pmem->ml_size;
256 while (psize >= MMU_PAGESIZE) {
257 /* find the largest page size */
258 for (l = lpagel; l > 0; l--) {
259 if ((paddr & LEVEL_OFFSET(l)) == 0 &&
260 psize > LEVEL_SIZE(l))
261 break;
262 }
263
264 #if defined(__xpv)
265 /*
266 * Create read/only mappings to avoid
267 * conflicting with pagetable usage
268 */
269 xen_kpm_create(paddr, l);
270 #else
271 kbm_map((uintptr_t)kpm_vbase + paddr, paddr,
272 l, 1);
273 #endif
274 paddr += LEVEL_SIZE(l);
275 psize -= LEVEL_SIZE(l);
276 }
277 }
278 }
279
280 /*
281 * If this machine doesn't have a kpm segment, we need to allocate
282 * a small number of 'windows' which can be used to map pagetables.
283 */
284 nwindows = (kpm_size == 0) ? 2 * NCPU : 0;
285
286 #if defined(__xpv)
287 /*
288 * On a hypervisor, these windows are also used by the xpv_panic
289 * code, where we need one window for each level of the pagetable
290 * hierarchy.
291 */
292 nwindows = MAX(nwindows, mmu.max_level);
293 #endif
294
295 if (nwindows != 0) {
296 /*
297 * Create the page windows and 1 page of VA in
298 * which we map the PTEs of those windows.
299 */
300 mmu.pwin_base = vmem_xalloc(heap_arena, nwindows * MMU_PAGESIZE,
301 LEVEL_SIZE(1), 0, 0, NULL, NULL, VM_SLEEP);
302 ASSERT(nwindows <= MMU_PAGESIZE / mmu.pte_size);
303 mmu.pwin_pte_va = vmem_xalloc(heap_arena, MMU_PAGESIZE,
304 MMU_PAGESIZE, 0, 0, NULL, NULL, VM_SLEEP);
305
306 /*
307 * Find/Create the page table window mappings.
308 */
309 paddr = 0;
310 (void) find_pte((uintptr_t)mmu.pwin_base, &paddr, 0, 0);
311 ASSERT(paddr != 0);
312 ASSERT((paddr & MMU_PAGEOFFSET) == 0);
313 mmu.pwin_pte_pa = paddr;
314 #ifdef __xpv
315 (void) find_pte((uintptr_t)mmu.pwin_pte_va, NULL, 0, 0);
316 kbm_read_only((uintptr_t)mmu.pwin_pte_va, mmu.pwin_pte_pa);
317 #else
318 kbm_map((uintptr_t)mmu.pwin_pte_va, mmu.pwin_pte_pa, 0, 1);
319 #endif
320 }
321
322 /*
323 * Walk the boot loader's page tables and figure out
324 * how many tables and page mappings there will be.
325 */
326 while (kbm_probe(&va, &size, &pfn, &prot) != 0) {
327 /*
328 * At each level, if the last_va falls into a new htable,
329 * increment table_cnt. We can stop at the 1st level where
330 * they are in the same htable.
331 */
332 start_level = 0;
333 while (start_level <= mmu.max_page_level) {
334 if (size == LEVEL_SIZE(start_level))
335 break;
336 start_level++;
337 }
338
339 for (l = start_level; l < mmu.max_level; ++l) {
340 if (va >> LEVEL_SHIFT(l + 1) ==
341 last_va >> LEVEL_SHIFT(l + 1))
342 break;
343 ++table_cnt;
344 }
345 last_va = va;
346 l = (start_level == 0) ? 1 : start_level;
347 va = (va & LEVEL_MASK(l)) + LEVEL_SIZE(l);
348 }
349
350 /*
351 * Besides the boot loader mappings, we're going to fill in
352 * the entire top level page table for the kernel. Make sure there's
353 * enough reserve for that too.
354 */
355 table_cnt += mmu.top_level_count - ((kernelbase >>
356 LEVEL_SHIFT(mmu.max_level)) & (mmu.top_level_count - 1));
357
358 /*
359 * Add 1/4 more into table_cnt for extra slop. The unused
360 * slop is freed back when we htable_adjust_reserve() later.
361 */
362 table_cnt += table_cnt >> 2;
363
364 /*
365 * We only need mapping entries (hments) for shared pages.
366 * This should be far, far fewer than the total possible,
367 * We'll allocate enough for 1/16 of all possible PTEs.
368 */
369 mapping_cnt = (table_cnt * mmu.ptes_per_table) >> 4;
370
371 /*
372 * Now create the initial htable/hment reserves
373 */
374 htable_initial_reserve(table_cnt);
375 hment_reserve(mapping_cnt);
376 x86pte_cpu_init(CPU);
377 }
378
379
380 /*
381 * This routine handles the work of creating the kernel's initial mappings
382 * by deciphering the mappings in the page tables created by the boot program.
383 *
384 * We maintain large page mappings, but only to a level 1 pagesize.
385 * The boot loader can only add new mappings once this function starts.
386 * In particular it can not change the pagesize used for any existing
387 * mappings or this code breaks!
388 */
389
390 void
391 hat_kern_setup(void)
392 {
393 /*
394 * Attach htables to the existing pagetables
395 */
396 /* BEGIN CSTYLED */
397 htable_attach(kas.a_hat, 0, mmu.max_level, NULL,
398 #ifdef __xpv
399 mmu_btop(xen_info->pt_base - ONE_GIG));
400 #else
401 mmu_btop(getcr3_pa()));
402 #endif
403 /* END CSTYLED */
404
405 #if defined(__xpv)
406 /*
407 * Try to make the kpm mappings r/w. Failures here are OK, as
408 * it's probably just a pagetable
409 */
410 xen_kpm_finish_init();
411 #endif
412
413 /*
414 * The kernel HAT is now officially open for business.
415 */
416 khat_running = 1;
417
418 CPUSET_ATOMIC_ADD(kas.a_hat->hat_cpus, CPU->cpu_id);
419 CPU->cpu_current_hat = kas.a_hat;
420 }
421
422 #ifndef __xpv
423
424 /*
425 * Note that the INVPCID_ALL* variants can be used even in the !PCIDE case, but
426 * INVPCID_ADDR isn't.
427 */
428 static void
429 invpcid(uint64_t type, uint64_t pcid, uintptr_t addr)
430 {
431 ulong_t flag;
432 uint64_t cr4;
433
434 if (x86_use_invpcid == 1) {
435 ASSERT(is_x86_feature(x86_featureset, X86FSET_INVPCID));
436 invpcid_insn(type, pcid, addr);
437 return;
438 }
439
440 switch (type) {
441 case INVPCID_ALL_GLOBAL:
442 flag = intr_clear();
443 cr4 = getcr4();
444 setcr4(cr4 & ~(ulong_t)CR4_PGE);
445 setcr4(cr4 | CR4_PGE);
446 intr_restore(flag);
447 break;
448
449 case INVPCID_ALL_NONGLOBAL:
450 if (!(getcr4() & CR4_PCIDE)) {
451 reload_cr3();
452 } else {
453 flag = intr_clear();
454 cr4 = getcr4();
455 setcr4(cr4 & ~(ulong_t)CR4_PGE);
456 setcr4(cr4 | CR4_PGE);
457 intr_restore(flag);
458 }
459 break;
460
461 case INVPCID_ADDR:
462 if (pcid == PCID_USER) {
463 flag = intr_clear();
464 ASSERT(addr < kernelbase);
465 ASSERT(ON_USER_HAT(CPU));
466 ASSERT(CPU->cpu_m.mcpu_kpti.kf_user_cr3 != 0);
467 tr_mmu_flush_user_range(addr, MMU_PAGESIZE,
468 MMU_PAGESIZE, CPU->cpu_m.mcpu_kpti.kf_user_cr3);
469 intr_restore(flag);
470 } else {
471 mmu_invlpg((caddr_t)addr);
472 }
473 break;
474
475 default:
476 panic("unsupported invpcid(%lu)", type);
477 break;
478 }
479 }
480
481 /*
482 * Flush one kernel mapping.
483 *
484 * We want to assert on kernel space here mainly for reasoning about the PCIDE
485 * case: namely, this flush should never need to flush a non-current PCID
486 * mapping. This presumes we never have reason to flush the kernel regions
487 * available to PCID_USER (the trampolines and so on). It also relies on
488 * PCID_KERNEL == PCID_NONE.
489 */
490 void
491 mmu_flush_tlb_kpage(uintptr_t va)
492 {
493 ASSERT(va >= kernelbase);
494 ASSERT(getpcid() == PCID_KERNEL);
495 mmu_invlpg((caddr_t)va);
496 }
497
498 /*
499 * Flush one mapping: local CPU version of hat_tlb_inval().
500 *
501 * If this is a userspace address in the PCIDE case, we need two invalidations,
502 * one for any potentially stale PCID_USER mapping, as well as any established
503 * while in the kernel.
504 */
505 void
506 mmu_flush_tlb_page(uintptr_t va)
507 {
508 ASSERT(getpcid() == PCID_KERNEL);
509
510 if (va >= kernelbase) {
511 mmu_flush_tlb_kpage(va);
512 return;
513 }
514
515 if (!(getcr4() & CR4_PCIDE)) {
516 mmu_invlpg((caddr_t)va);
517 return;
518 }
519
520 /*
521 * Yes, kas will need to flush below kernelspace, at least during boot.
522 * But there's no PCID_USER context.
523 */
524 if (ON_USER_HAT(CPU))
525 invpcid(INVPCID_ADDR, PCID_USER, va);
526 invpcid(INVPCID_ADDR, PCID_KERNEL, va);
527 }
528
529 static void
530 mmu_flush_tlb_range(uintptr_t addr, size_t len, size_t pgsz)
531 {
532 EQUIV(addr < kernelbase, (addr + len - 1) < kernelbase);
533 ASSERT(len > 0);
534 ASSERT(pgsz != 0);
535
536 if (!(getcr4() & CR4_PCIDE) || x86_use_invpcid == 1) {
537 for (uintptr_t va = addr; va < (addr + len); va += pgsz)
538 mmu_flush_tlb_page(va);
539 return;
540 }
541
542 /*
543 * As an emulated invpcid() in the PCIDE case requires jumping
544 * cr3s, we batch the invalidations. We should only need to flush the
545 * user range if we're on a user-space HAT.
546 */
547 if (addr < kernelbase && ON_USER_HAT(CPU)) {
548 ulong_t flag = intr_clear();
549 ASSERT(CPU->cpu_m.mcpu_kpti.kf_user_cr3 != 0);
550 tr_mmu_flush_user_range(addr, len, pgsz,
551 CPU->cpu_m.mcpu_kpti.kf_user_cr3);
552 intr_restore(flag);
553 }
554
555 for (uintptr_t va = addr; va < (addr + len); va += pgsz)
556 mmu_invlpg((caddr_t)va);
557 }
558
559 /*
560 * MMU TLB (and PT cache) flushing on this CPU.
561 *
562 * FLUSH_TLB_ALL: invalidate everything, all PCIDs, all PT_GLOBAL.
563 * FLUSH_TLB_NONGLOBAL: invalidate all PCIDs, excluding PT_GLOBAL
564 * FLUSH_TLB_RANGE: invalidate the given range, including PCID_USER
565 * mappings as appropriate. If using invpcid, PT_GLOBAL mappings are not
566 * invalidated.
567 */
568 void
569 mmu_flush_tlb(flush_tlb_type_t type, tlb_range_t *range)
570 {
571 ASSERT(getpcid() == PCID_KERNEL);
572
573 switch (type) {
574 case FLUSH_TLB_ALL:
575 ASSERT(range == NULL);
576 invpcid(INVPCID_ALL_GLOBAL, 0, 0);
577 break;
578
579 case FLUSH_TLB_NONGLOBAL:
580 ASSERT(range == NULL);
581 invpcid(INVPCID_ALL_NONGLOBAL, 0, 0);
582 break;
583
584 case FLUSH_TLB_RANGE: {
585 mmu_flush_tlb_range(range->tr_va, TLB_RANGE_LEN(range),
586 LEVEL_SIZE(range->tr_level));
587 break;
588 }
589
590 default:
591 panic("invalid call mmu_flush_tlb(%d)", type);
592 break;
593 }
594 }
595
596 #endif /* ! __xpv */