    
uts: Allow for address space randomisation.
Randomise the base addresses of shared objects, non-fixed mappings, the
stack and the heap.  Introduce a service, svc:/system/process-security,
and a tool psecflags(1) to control and observe it
    
      
    
    
          --- old/usr/src/uts/sun4v/vm/mach_vm_dep.c
          +++ new/usr/src/uts/sun4v/vm/mach_vm_dep.c
   1    1  /*
   2    2   * CDDL HEADER START
   3    3   *
   4    4   * The contents of this file are subject to the terms of the
   5    5   * Common Development and Distribution License (the "License").
   6    6   * You may not use this file except in compliance with the License.
   7    7   *
   8    8   * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9    9   * or http://www.opensolaris.org/os/licensing.
  10   10   * See the License for the specific language governing permissions
  11   11   * and limitations under the License.
  12   12   *
  13   13   * When distributing Covered Code, include this CDDL HEADER in each
  14   14   * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15   15   * If applicable, add the following below this CDDL HEADER, with the
  16   16   * fields enclosed by brackets "[]" replaced with your own identifying
  17   17   * information: Portions Copyright [yyyy] [name of copyright owner]
  18   18   *
  19   19   * CDDL HEADER END
  20   20   */
  21   21  /*
  22   22   * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  23   23   * Use is subject to license terms.
  24   24   */
  25   25  
  26   26  /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
  27   27  /*      All Rights Reserved   */
  28   28  
  29   29  /*
  30   30   * Portions of this source code were derived from Berkeley 4.3 BSD
  31   31   * under license from the Regents of the University of California.
  32   32   */
  33   33  
  34   34  /*
  35   35   * UNIX machine dependent virtual memory support.
  36   36   */
  37   37  
  38   38  #include <sys/vm.h>
  39   39  #include <sys/exec.h>
  40   40  #include <sys/cmn_err.h>
  41   41  #include <sys/cpu_module.h>
  42   42  #include <sys/cpu.h>
  43   43  #include <sys/elf_SPARC.h>
  44   44  #include <sys/archsystm.h>
  
  45   45  #include <vm/hat_sfmmu.h>
  46   46  #include <sys/memnode.h>
  47   47  #include <sys/mem_cage.h>
  48   48  #include <vm/vm_dep.h>
  49   49  #include <sys/error.h>
  50   50  #include <sys/machsystm.h>
  51   51  #include <vm/seg_kmem.h>
  52   52  #include <sys/stack.h>
  53   53  #include <sys/atomic.h>
  54   54  #include <sys/promif.h>
       55 +#include <sys/random.h>
  55   56  
  56   57  uint_t page_colors = 0;
  57   58  uint_t page_colors_mask = 0;
  58   59  uint_t page_coloring_shift = 0;
  59   60  int consistent_coloring;
  60   61  int update_proc_pgcolorbase_after_fork = 1;
  61   62  
  62   63  uint_t mmu_page_sizes = MMU_PAGE_SIZES;
  63   64  uint_t max_mmu_page_sizes = MMU_PAGE_SIZES;
  64   65  uint_t mmu_hashcnt = MAX_HASHCNT;
  65   66  uint_t max_mmu_hashcnt = MAX_HASHCNT;
  66   67  size_t mmu_ism_pagesize = DEFAULT_ISM_PAGESIZE;
  67   68  
  68   69  /*
  69   70   * A bitmask of the page sizes supported by hardware based upon szc.
  70   71   * The base pagesize (p_szc == 0) must always be supported by the hardware.
  71   72   */
  72   73  int mmu_exported_pagesize_mask;
  73   74  uint_t mmu_exported_page_sizes;
  74   75  
  75   76  uint_t szc_2_userszc[MMU_PAGE_SIZES];
  76   77  uint_t userszc_2_szc[MMU_PAGE_SIZES];
  77   78  
  78   79  extern uint_t vac_colors_mask;
  79   80  extern int vac_shift;
  80   81  
  81   82  hw_pagesize_t hw_page_array[] = {
  82   83          {MMU_PAGESIZE, MMU_PAGESHIFT, 0, MMU_PAGESIZE >> MMU_PAGESHIFT},
  83   84          {MMU_PAGESIZE64K, MMU_PAGESHIFT64K, 0,
  84   85              MMU_PAGESIZE64K >> MMU_PAGESHIFT},
  85   86          {MMU_PAGESIZE512K, MMU_PAGESHIFT512K, 0,
  86   87              MMU_PAGESIZE512K >> MMU_PAGESHIFT},
  87   88          {MMU_PAGESIZE4M, MMU_PAGESHIFT4M, 0, MMU_PAGESIZE4M >> MMU_PAGESHIFT},
  88   89          {MMU_PAGESIZE32M, MMU_PAGESHIFT32M, 0,
  89   90              MMU_PAGESIZE32M >> MMU_PAGESHIFT},
  90   91          {MMU_PAGESIZE256M, MMU_PAGESHIFT256M, 0,
  91   92              MMU_PAGESIZE256M >> MMU_PAGESHIFT},
  92   93          {0, 0, 0, 0}
  93   94  };
  94   95  
  95   96  /*
  96   97   * Maximum page size used to map 64-bit memory segment kmem64_base..kmem64_end
  97   98   */
  98   99  int     max_bootlp_tteszc = TTE256M;
  99  100  
 100  101  /*
 101  102   * Maximum and default segment size tunables for user heap, stack, private
 102  103   * and shared anonymous memory, and user text and initialized data.
 103  104   */
 104  105  size_t max_uheap_lpsize = MMU_PAGESIZE64K;
 105  106  size_t default_uheap_lpsize = MMU_PAGESIZE64K;
 106  107  size_t max_ustack_lpsize = MMU_PAGESIZE64K;
 107  108  size_t default_ustack_lpsize = MMU_PAGESIZE64K;
 108  109  size_t max_privmap_lpsize = MMU_PAGESIZE64K;
 109  110  size_t max_uidata_lpsize = MMU_PAGESIZE64K;
 110  111  size_t max_utext_lpsize = MMU_PAGESIZE4M;
 111  112  size_t max_shm_lpsize = MMU_PAGESIZE4M;
 112  113  
 113  114  /*
 114  115   * Contiguous memory allocator data structures and variables.
 115  116   *
 116  117   * The sun4v kernel must provide a means to allocate physically
 117  118   * contiguous, non-relocatable memory. The contig_mem_arena
 118  119   * and contig_mem_slab_arena exist for this purpose. Allocations
 119  120   * that require physically contiguous non-relocatable memory should
 120  121   * be made using contig_mem_alloc() or contig_mem_alloc_align()
 121  122   * which return memory from contig_mem_arena or contig_mem_reloc_arena.
 122  123   * These arenas import memory from the contig_mem_slab_arena one
 123  124   * contiguous chunk at a time.
 124  125   *
 125  126   * When importing slabs, an attempt is made to allocate a large page
 126  127   * to use as backing. As a result of the non-relocatable requirement,
 127  128   * slabs are allocated from the kernel cage freelists. If the cage does
 128  129   * not contain any free contiguous chunks large enough to satisfy the
 129  130   * slab allocation, the slab size will be downsized and the operation
 130  131   * retried. Large slab sizes are tried first to minimize cage
 131  132   * fragmentation. If the slab allocation is unsuccessful still, the slab
 132  133   * is allocated from outside the kernel cage. This is undesirable because,
 133  134   * until slabs are freed, it results in non-relocatable chunks scattered
 134  135   * throughout physical memory.
 135  136   *
 136  137   * Allocations from the contig_mem_arena are backed by slabs from the
 137  138   * cage. Allocations from the contig_mem_reloc_arena are backed by
 138  139   * slabs allocated outside the cage. Slabs are left share locked while
 139  140   * in use to prevent non-cage slabs from being relocated.
 140  141   *
 141  142   * Since there is no guarantee that large pages will be available in
 142  143   * the kernel cage, contiguous memory is reserved and added to the
 143  144   * contig_mem_arena at boot time, making it available for later
 144  145   * contiguous memory allocations. This reserve will be used to satisfy
 145  146   * contig_mem allocations first and it is only when the reserve is
 146  147   * completely allocated that new slabs will need to be imported.
 147  148   */
 148  149  static  vmem_t          *contig_mem_slab_arena;
 149  150  static  vmem_t          *contig_mem_arena;
 150  151  static  vmem_t          *contig_mem_reloc_arena;
 151  152  static  kmutex_t        contig_mem_lock;
 152  153  #define CONTIG_MEM_ARENA_QUANTUM        64
 153  154  #define CONTIG_MEM_SLAB_ARENA_QUANTUM   MMU_PAGESIZE64K
 154  155  
 155  156  /* contig_mem_arena import slab sizes, in decreasing size order */
 156  157  static size_t contig_mem_import_sizes[] = {
 157  158          MMU_PAGESIZE4M,
 158  159          MMU_PAGESIZE512K,
 159  160          MMU_PAGESIZE64K
 160  161  };
  
 161  162  #define NUM_IMPORT_SIZES        \
 162  163          (sizeof (contig_mem_import_sizes) / sizeof (size_t))
 163  164  static size_t contig_mem_import_size_max        = MMU_PAGESIZE4M;
 164  165  size_t contig_mem_slab_size                     = MMU_PAGESIZE4M;
 165  166  
 166  167  /* Boot-time allocated buffer to pre-populate the contig_mem_arena */
 167  168  static size_t contig_mem_prealloc_size;
 168  169  static void *contig_mem_prealloc_buf;
 169  170  
 170  171  /*
      172 + * The maximum amount a randomized mapping will be slewed.  We should perhaps
      173 + * arrange things so these tunables can be separate for mmap, mmapobj, and
      174 + * ld.so
      175 + */
      176 +volatile size_t aslr_max_map_skew = 256 * 1024 * 1024; /* 256MB */
      177 +
      178 +/*
 171  179   * map_addr_proc() is the routine called when the system is to
 172  180   * choose an address for the user.  We will pick an address
 173  181   * range which is just below the current stack limit.  The
 174  182   * algorithm used for cache consistency on machines with virtual
 175  183   * address caches is such that offset 0 in the vnode is always
 176  184   * on a shm_alignment'ed aligned address.  Unfortunately, this
 177  185   * means that vnodes which are demand paged will not be mapped
 178  186   * cache consistently with the executable images.  When the
 179  187   * cache alignment for a given object is inconsistent, the
 180  188   * lower level code must manage the translations so that this
 181  189   * is not seen here (at the cost of efficiency, of course).
 182  190   *
 183  191   * Every mapping will have a redzone of a single page on either side of
 184  192   * the request. This is done to leave one page unmapped between segments.
 185  193   * This is not required, but it's useful for the user because if their
 186  194   * program strays across a segment boundary, it will catch a fault
 187  195   * immediately making debugging a little easier.  Currently the redzone
 188  196   * is mandatory.
 189  197   *
 190  198   * addrp is a value/result parameter.
 191  199   *      On input it is a hint from the user to be used in a completely
 192  200   *      machine dependent fashion.  For MAP_ALIGN, addrp contains the
 193  201   *      minimal alignment, which must be some "power of two" multiple of
 194  202   *      pagesize.
 195  203   *
 196  204   *      On output it is NULL if no address can be found in the current
 197  205   *      processes address space or else an address that is currently
 198  206   *      not mapped for len bytes with a page of red zone on either side.
 199  207   *      If vacalign is true, then the selected address will obey the alignment
 200  208   *      constraints of a vac machine based on the given off value.
 201  209   */
 202  210  /*ARGSUSED3*/
 203  211  void
 204  212  map_addr_proc(caddr_t *addrp, size_t len, offset_t off, int vacalign,
 205  213      caddr_t userlimit, struct proc *p, uint_t flags)
 206  214  {
 207  215          struct as *as = p->p_as;
 208  216          caddr_t addr;
 209  217          caddr_t base;
 210  218          size_t slen;
 211  219          uintptr_t align_amount;
 212  220          int allow_largepage_alignment = 1;
 213  221  
 214  222          base = p->p_brkbase;
 215  223          if (userlimit < as->a_userlimit) {
 216  224                  /*
 217  225                   * This happens when a program wants to map something in
 218  226                   * a range that's accessible to a program in a smaller
 219  227                   * address space.  For example, a 64-bit program might
 220  228                   * be calling mmap32(2) to guarantee that the returned
 221  229                   * address is below 4Gbytes.
 222  230                   */
 223  231                  ASSERT(userlimit > base);
 224  232                  slen = userlimit - base;
 225  233          } else {
 226  234                  slen = p->p_usrstack - base -
 227  235                      ((p->p_stk_ctl + PAGEOFFSET) & PAGEMASK);
 228  236          }
 229  237          /* Make len be a multiple of PAGESIZE */
 230  238          len = (len + PAGEOFFSET) & PAGEMASK;
 231  239  
 232  240          /*
 233  241           *  If the request is larger than the size of a particular
 234  242           *  mmu level, then we use that level to map the request.
 235  243           *  But this requires that both the virtual and the physical
 236  244           *  addresses be aligned with respect to that level, so we
 237  245           *  do the virtual bit of nastiness here.
 238  246           *
 239  247           *  For 32-bit processes, only those which have specified
 240  248           *  MAP_ALIGN or an addr will be aligned on a page size > 4MB. Otherwise
 241  249           *  we can potentially waste up to 256MB of the 4G process address
 242  250           *  space just for alignment.
 243  251           *
 244  252           * XXXQ Should iterate trough hw_page_array here to catch
 245  253           * all supported pagesizes
 246  254           */
 247  255          if (p->p_model == DATAMODEL_ILP32 && ((flags & MAP_ALIGN) == 0 ||
 248  256              ((uintptr_t)*addrp) != 0)) {
 249  257                  allow_largepage_alignment = 0;
 250  258          }
 251  259          if ((mmu_page_sizes == max_mmu_page_sizes) &&
 252  260              allow_largepage_alignment &&
 253  261              (len >= MMU_PAGESIZE256M)) {        /* 256MB mappings */
 254  262                  align_amount = MMU_PAGESIZE256M;
 255  263          } else if ((mmu_page_sizes == max_mmu_page_sizes) &&
 256  264              allow_largepage_alignment &&
 257  265              (len >= MMU_PAGESIZE32M)) { /* 32MB mappings */
 258  266                  align_amount = MMU_PAGESIZE32M;
 259  267          } else if (len >= MMU_PAGESIZE4M) {  /* 4MB mappings */
 260  268                  align_amount = MMU_PAGESIZE4M;
 261  269          } else if (len >= MMU_PAGESIZE512K) { /* 512KB mappings */
 262  270                  align_amount = MMU_PAGESIZE512K;
 263  271          } else if (len >= MMU_PAGESIZE64K) { /* 64KB mappings */
 264  272                  align_amount = MMU_PAGESIZE64K;
 265  273          } else  {
 266  274                  /*
 267  275                   * Align virtual addresses on a 64K boundary to ensure
 268  276                   * that ELF shared libraries are mapped with the appropriate
 269  277                   * alignment constraints by the run-time linker.
 270  278                   */
 271  279                  align_amount = ELF_SPARC_MAXPGSZ;
 272  280                  if ((flags & MAP_ALIGN) && ((uintptr_t)*addrp != 0) &&
 273  281                      ((uintptr_t)*addrp < align_amount))
 274  282                          align_amount = (uintptr_t)*addrp;
 275  283          }
 276  284  
 277  285          /*
 278  286           * 64-bit processes require 1024K alignment of ELF shared libraries.
 279  287           */
 280  288          if (p->p_model == DATAMODEL_LP64)
 281  289                  align_amount = MAX(align_amount, ELF_SPARCV9_MAXPGSZ);
 282  290  #ifdef VAC
 283  291          if (vac && vacalign && (align_amount < shm_alignment))
 284  292                  align_amount = shm_alignment;
 285  293  #endif
 286  294  
 287  295          if ((flags & MAP_ALIGN) && ((uintptr_t)*addrp > align_amount)) {
 288  296                  align_amount = (uintptr_t)*addrp;
 289  297          }
 290  298  
 291  299          ASSERT(ISP2(align_amount));
 292  300          ASSERT(align_amount == 0 || align_amount >= PAGESIZE);
 293  301  
 294  302          /*
 295  303           * Look for a large enough hole starting below the stack limit.
 296  304           * After finding it, use the upper part.
 297  305           */
 298  306          as_purge(as);
 299  307          off = off & (align_amount - 1);
 300  308          if (as_gap_aligned(as, len, &base, &slen, AH_HI, NULL, align_amount,
 301  309              PAGESIZE, off) == 0) {
 302  310                  caddr_t as_addr;
 303  311  
 304  312                  /*
 305  313                   * addr is the highest possible address to use since we have
 306  314                   * a PAGESIZE redzone at the beginning and end.
 307  315                   */
 308  316                  addr = base + slen - (PAGESIZE + len);
 309  317                  as_addr = addr;
 310  318                  /*
 311  319                   * Round address DOWN to the alignment amount and
 312  320                   * add the offset in.
  
 313  321                   * If addr is greater than as_addr, len would not be large
 314  322                   * enough to include the redzone, so we must adjust down
 315  323                   * by the alignment amount.
 316  324                   */
 317  325                  addr = (caddr_t)((uintptr_t)addr & (~(align_amount - 1l)));
 318  326                  addr += (long)off;
 319  327                  if (addr > as_addr) {
 320  328                          addr -= align_amount;
 321  329                  }
 322  330  
      331 +                /*
      332 +                 * If randomization is requested, slew the allocation
      333 +                 * backwards, within the same gap, by a random amount.
      334 +                 *
      335 +                 * XXX: This will fall over in processes like Java, which
      336 +                 * commonly have a great many small mappings.
      337 +                 */
      338 +                if (flags & _MAP_RANDOMIZE) {
      339 +                        uint32_t slew;
      340 +
      341 +                        (void) random_get_pseudo_bytes((uint8_t *)&slew,
      342 +                            sizeof (slew));
      343 +
      344 +                        slew = slew % MIN(aslr_max_map_skew, (addr - base));
      345 +                        addr -= P2ALIGN(slew, align_amount);
      346 +                }
      347 +
 323  348                  ASSERT(addr > base);
 324  349                  ASSERT(addr + len < base + slen);
 325  350                  ASSERT(((uintptr_t)addr & (align_amount - 1l)) ==
 326  351                      ((uintptr_t)(off)));
 327  352                  *addrp = addr;
 328  353  
 329  354          } else {
 330  355                  *addrp = NULL;  /* no more virtual space */
 331  356          }
 332  357  }
 333  358  
 334  359  /*
 335  360   * Platform-dependent page scrub call.
 336  361   * We call hypervisor to scrub the page.
 337  362   */
 338  363  void
 339  364  pagescrub(page_t *pp, uint_t off, uint_t len)
 340  365  {
 341  366          uint64_t pa, length;
 342  367  
 343  368          pa = (uint64_t)(pp->p_pagenum << MMU_PAGESHIFT + off);
 344  369          length = (uint64_t)len;
 345  370  
 346  371          (void) mem_scrub(pa, length);
 347  372  }
 348  373  
 349  374  void
 350  375  sync_data_memory(caddr_t va, size_t len)
 351  376  {
 352  377          /* Call memory sync function */
 353  378          (void) mem_sync(va, len);
 354  379  }
 355  380  
 356  381  size_t
 357  382  mmu_get_kernel_lpsize(size_t lpsize)
 358  383  {
 359  384          extern int mmu_exported_pagesize_mask;
 360  385          uint_t tte;
 361  386  
 362  387          if (lpsize == 0) {
 363  388                  /* no setting for segkmem_lpsize in /etc/system: use default */
 364  389                  if (mmu_exported_pagesize_mask & (1 << TTE256M)) {
 365  390                          lpsize = MMU_PAGESIZE256M;
 366  391                  } else if (mmu_exported_pagesize_mask & (1 << TTE4M)) {
 367  392                          lpsize = MMU_PAGESIZE4M;
 368  393                  } else if (mmu_exported_pagesize_mask & (1 << TTE64K)) {
 369  394                          lpsize = MMU_PAGESIZE64K;
 370  395                  } else {
 371  396                          lpsize = MMU_PAGESIZE;
 372  397                  }
 373  398  
 374  399                  return (lpsize);
 375  400          }
 376  401  
 377  402          for (tte = TTE8K; tte <= TTE256M; tte++) {
 378  403  
 379  404                  if ((mmu_exported_pagesize_mask & (1 << tte)) == 0)
 380  405                          continue;
 381  406  
 382  407                  if (lpsize == TTEBYTES(tte))
 383  408                          return (lpsize);
 384  409          }
 385  410  
 386  411          lpsize = TTEBYTES(TTE8K);
 387  412          return (lpsize);
 388  413  }
 389  414  
 390  415  void
 391  416  mmu_init_kcontext()
 392  417  {
 393  418  }
 394  419  
 395  420  /*ARGSUSED*/
 396  421  void
 397  422  mmu_init_kernel_pgsz(struct hat *hat)
 398  423  {
 399  424  }
 400  425  
 401  426  static void *
 402  427  contig_mem_span_alloc(vmem_t *vmp, size_t size, int vmflag)
 403  428  {
 404  429          page_t *ppl;
 405  430          page_t *rootpp;
 406  431          caddr_t addr = NULL;
 407  432          pgcnt_t npages = btopr(size);
 408  433          page_t **ppa;
 409  434          int pgflags;
 410  435          spgcnt_t i = 0;
 411  436  
 412  437  
 413  438          ASSERT(size <= contig_mem_import_size_max);
 414  439          ASSERT((size & (size - 1)) == 0);
 415  440  
 416  441          if ((addr = vmem_xalloc(vmp, size, size, 0, 0,
 417  442              NULL, NULL, vmflag)) == NULL) {
 418  443                  return (NULL);
 419  444          }
 420  445  
 421  446          /* The address should be slab-size aligned. */
 422  447          ASSERT(((uintptr_t)addr & (size - 1)) == 0);
 423  448  
 424  449          if (page_resv(npages, vmflag & VM_KMFLAGS) == 0) {
 425  450                  vmem_xfree(vmp, addr, size);
 426  451                  return (NULL);
 427  452          }
 428  453  
 429  454          pgflags = PG_EXCL;
 430  455          if (vmflag & VM_NORELOC)
 431  456                  pgflags |= PG_NORELOC;
 432  457  
 433  458          ppl = page_create_va_large(&kvp, (u_offset_t)(uintptr_t)addr, size,
 434  459              pgflags, &kvseg, addr, NULL);
 435  460  
 436  461          if (ppl == NULL) {
 437  462                  vmem_xfree(vmp, addr, size);
 438  463                  page_unresv(npages);
 439  464                  return (NULL);
 440  465          }
 441  466  
 442  467          rootpp = ppl;
 443  468          ppa = kmem_zalloc(npages * sizeof (page_t *), KM_SLEEP);
 444  469          while (ppl != NULL) {
 445  470                  page_t *pp = ppl;
 446  471                  ppa[i++] = pp;
 447  472                  page_sub(&ppl, pp);
 448  473                  ASSERT(page_iolock_assert(pp));
 449  474                  ASSERT(PAGE_EXCL(pp));
 450  475                  page_io_unlock(pp);
 451  476          }
 452  477  
 453  478          /*
 454  479           * Load the locked entry.  It's OK to preload the entry into
 455  480           * the TSB since we now support large mappings in the kernel TSB.
 456  481           */
 457  482          hat_memload_array(kas.a_hat, (caddr_t)rootpp->p_offset, size,
 458  483              ppa, (PROT_ALL & ~PROT_USER) | HAT_NOSYNC, HAT_LOAD_LOCK);
 459  484  
 460  485          ASSERT(i == page_get_pagecnt(ppa[0]->p_szc));
 461  486          for (--i; i >= 0; --i) {
 462  487                  ASSERT(ppa[i]->p_szc == ppa[0]->p_szc);
 463  488                  ASSERT(page_pptonum(ppa[i]) == page_pptonum(ppa[0]) + i);
 464  489                  (void) page_pp_lock(ppa[i], 0, 1);
 465  490                  /*
 466  491                   * Leave the page share locked. For non-cage pages,
 467  492                   * this would prevent memory DR if it were supported
 468  493                   * on sun4v.
 469  494                   */
 470  495                  page_downgrade(ppa[i]);
 471  496          }
 472  497  
 473  498          kmem_free(ppa, npages * sizeof (page_t *));
 474  499          return (addr);
 475  500  }
 476  501  
 477  502  /*
 478  503   * Allocates a slab by first trying to use the largest slab size
 479  504   * in contig_mem_import_sizes and then falling back to smaller slab
 480  505   * sizes still large enough for the allocation. The sizep argument
 481  506   * is a pointer to the requested size. When a slab is successfully
 482  507   * allocated, the slab size, which must be >= *sizep and <=
 483  508   * contig_mem_import_size_max, is returned in the *sizep argument.
 484  509   * Returns the virtual address of the new slab.
 485  510   */
 486  511  static void *
 487  512  span_alloc_downsize(vmem_t *vmp, size_t *sizep, size_t align, int vmflag)
 488  513  {
 489  514          int i;
 490  515  
 491  516          ASSERT(*sizep <= contig_mem_import_size_max);
 492  517  
 493  518          for (i = 0; i < NUM_IMPORT_SIZES; i++) {
 494  519                  size_t page_size = contig_mem_import_sizes[i];
 495  520  
 496  521                  /*
 497  522                   * Check that the alignment is also less than the
 498  523                   * import (large page) size. In the case where the
 499  524                   * alignment is larger than the size, a large page
 500  525                   * large enough for the allocation is not necessarily
 501  526                   * physical-address aligned to satisfy the requested
 502  527                   * alignment. Since alignment is required to be a
 503  528                   * power-of-2, any large page >= size && >= align will
 504  529                   * suffice.
 505  530                   */
 506  531                  if (*sizep <= page_size && align <= page_size) {
 507  532                          void *addr;
 508  533                          addr = contig_mem_span_alloc(vmp, page_size, vmflag);
 509  534                          if (addr == NULL)
 510  535                                  continue;
 511  536                          *sizep = page_size;
 512  537                          return (addr);
 513  538                  }
 514  539                  return (NULL);
 515  540          }
 516  541  
 517  542          return (NULL);
 518  543  }
 519  544  
 520  545  static void *
 521  546  contig_mem_span_xalloc(vmem_t *vmp, size_t *sizep, size_t align, int vmflag)
 522  547  {
 523  548          return (span_alloc_downsize(vmp, sizep, align, vmflag | VM_NORELOC));
 524  549  }
 525  550  
 526  551  static void *
 527  552  contig_mem_reloc_span_xalloc(vmem_t *vmp, size_t *sizep, size_t align,
 528  553      int vmflag)
 529  554  {
 530  555          ASSERT((vmflag & VM_NORELOC) == 0);
 531  556          return (span_alloc_downsize(vmp, sizep, align, vmflag));
 532  557  }
 533  558  
 534  559  /*
 535  560   * Free a span, which is always exactly one large page.
 536  561   */
 537  562  static void
 538  563  contig_mem_span_free(vmem_t *vmp, void *inaddr, size_t size)
 539  564  {
 540  565          page_t *pp;
 541  566          caddr_t addr = inaddr;
 542  567          caddr_t eaddr;
 543  568          pgcnt_t npages = btopr(size);
 544  569          page_t *rootpp = NULL;
 545  570  
 546  571          ASSERT(size <= contig_mem_import_size_max);
 547  572          /* All slabs should be size aligned */
 548  573          ASSERT(((uintptr_t)addr & (size - 1)) == 0);
 549  574  
 550  575          hat_unload(kas.a_hat, addr, size, HAT_UNLOAD_UNLOCK);
 551  576  
 552  577          for (eaddr = addr + size; addr < eaddr; addr += PAGESIZE) {
 553  578                  pp = page_find(&kvp, (u_offset_t)(uintptr_t)addr);
 554  579                  if (pp == NULL) {
 555  580                          panic("contig_mem_span_free: page not found");
 556  581                  }
 557  582                  if (!page_tryupgrade(pp)) {
 558  583                          page_unlock(pp);
 559  584                          pp = page_lookup(&kvp,
 560  585                              (u_offset_t)(uintptr_t)addr, SE_EXCL);
 561  586                          if (pp == NULL)
 562  587                                  panic("contig_mem_span_free: page not found");
 563  588                  }
 564  589  
 565  590                  ASSERT(PAGE_EXCL(pp));
 566  591                  ASSERT(size == page_get_pagesize(pp->p_szc));
 567  592                  ASSERT(rootpp == NULL || rootpp->p_szc == pp->p_szc);
 568  593                  ASSERT(rootpp == NULL || (page_pptonum(rootpp) +
 569  594                      (pgcnt_t)btop(addr - (caddr_t)inaddr) == page_pptonum(pp)));
 570  595  
 571  596                  page_pp_unlock(pp, 0, 1);
 572  597  
 573  598                  if (rootpp == NULL)
 574  599                          rootpp = pp;
 575  600          }
 576  601          page_destroy_pages(rootpp);
 577  602          page_unresv(npages);
 578  603  
 579  604          if (vmp != NULL)
 580  605                  vmem_xfree(vmp, inaddr, size);
 581  606  }
 582  607  
 583  608  static void *
 584  609  contig_vmem_xalloc_aligned_wrapper(vmem_t *vmp, size_t *sizep, size_t align,
 585  610      int vmflag)
 586  611  {
 587  612          ASSERT((align & (align - 1)) == 0);
 588  613          return (vmem_xalloc(vmp, *sizep, align, 0, 0, NULL, NULL, vmflag));
 589  614  }
 590  615  
 591  616  /*
 592  617   * contig_mem_alloc, contig_mem_alloc_align
 593  618   *
 594  619   * Caution: contig_mem_alloc and contig_mem_alloc_align should be
 595  620   * used only when physically contiguous non-relocatable memory is
 596  621   * required. Furthermore, use of these allocation routines should be
 597  622   * minimized as well as should the allocation size. As described in the
 598  623   * contig_mem_arena comment block above, slab allocations fall back to
 599  624   * being outside of the cage. Therefore, overuse of these allocation
 600  625   * routines can lead to non-relocatable large pages being allocated
 601  626   * outside the cage. Such pages prevent the allocation of a larger page
 602  627   * occupying overlapping pages. This can impact performance for
 603  628   * applications that utilize e.g. 256M large pages.
 604  629   */
 605  630  
 606  631  /*
 607  632   * Allocates size aligned contiguous memory up to contig_mem_import_size_max.
 608  633   * Size must be a power of 2.
 609  634   */
 610  635  void *
 611  636  contig_mem_alloc(size_t size)
 612  637  {
 613  638          ASSERT((size & (size - 1)) == 0);
 614  639          return (contig_mem_alloc_align(size, size));
 615  640  }
 616  641  
 617  642  /*
 618  643   * contig_mem_alloc_align allocates real contiguous memory with the
 619  644   * specified alignment up to contig_mem_import_size_max. The alignment must
 620  645   * be a power of 2 and no greater than contig_mem_import_size_max. We assert
 621  646   * the aligment is a power of 2. For non-debug, vmem_xalloc will panic
 622  647   * for non power of 2 alignments.
 623  648   */
 624  649  void *
 625  650  contig_mem_alloc_align(size_t size, size_t align)
 626  651  {
 627  652          void *buf;
 628  653  
 629  654          ASSERT(size <= contig_mem_import_size_max);
 630  655          ASSERT(align <= contig_mem_import_size_max);
 631  656          ASSERT((align & (align - 1)) == 0);
 632  657  
 633  658          if (align < CONTIG_MEM_ARENA_QUANTUM)
 634  659                  align = CONTIG_MEM_ARENA_QUANTUM;
 635  660  
 636  661          /*
 637  662           * We take the lock here to serialize span allocations.
 638  663           * We do not lose concurrency for the common case, since
 639  664           * allocations that don't require new span allocations
 640  665           * are serialized by vmem_xalloc. Serializing span
 641  666           * allocations also prevents us from trying to allocate
 642  667           * more spans than necessary.
 643  668           */
 644  669          mutex_enter(&contig_mem_lock);
 645  670  
 646  671          buf = vmem_xalloc(contig_mem_arena, size, align, 0, 0,
 647  672              NULL, NULL, VM_NOSLEEP | VM_NORELOC);
 648  673  
 649  674          if ((buf == NULL) && (size <= MMU_PAGESIZE)) {
 650  675                  mutex_exit(&contig_mem_lock);
 651  676                  return (vmem_xalloc(static_alloc_arena, size, align, 0, 0,
 652  677                      NULL, NULL, VM_NOSLEEP));
 653  678          }
 654  679  
 655  680          if (buf == NULL) {
 656  681                  buf = vmem_xalloc(contig_mem_reloc_arena, size, align, 0, 0,
 657  682                      NULL, NULL, VM_NOSLEEP);
 658  683          }
 659  684  
 660  685          mutex_exit(&contig_mem_lock);
 661  686  
 662  687          return (buf);
 663  688  }
 664  689  
 665  690  void
 666  691  contig_mem_free(void *vaddr, size_t size)
 667  692  {
 668  693          if (vmem_contains(contig_mem_arena, vaddr, size)) {
 669  694                  vmem_xfree(contig_mem_arena, vaddr, size);
 670  695          } else if (size > MMU_PAGESIZE) {
 671  696                  vmem_xfree(contig_mem_reloc_arena, vaddr, size);
 672  697          } else {
 673  698                  vmem_xfree(static_alloc_arena, vaddr, size);
 674  699          }
 675  700  }
 676  701  
 677  702  /*
 678  703   * We create a set of stacked vmem arenas to enable us to
 679  704   * allocate large >PAGESIZE chucks of contiguous Real Address space.
 680  705   * The vmem_xcreate interface is used to create the contig_mem_arena
 681  706   * allowing the import routine to downsize the requested slab size
 682  707   * and return a smaller slab.
 683  708   */
 684  709  void
 685  710  contig_mem_init(void)
 686  711  {
 687  712          mutex_init(&contig_mem_lock, NULL, MUTEX_DEFAULT, NULL);
 688  713  
 689  714          contig_mem_slab_arena = vmem_xcreate("contig_mem_slab_arena", NULL, 0,
 690  715              CONTIG_MEM_SLAB_ARENA_QUANTUM, contig_vmem_xalloc_aligned_wrapper,
 691  716              vmem_xfree, heap_arena, 0, VM_SLEEP | VMC_XALIGN);
 692  717  
 693  718          contig_mem_arena = vmem_xcreate("contig_mem_arena", NULL, 0,
 694  719              CONTIG_MEM_ARENA_QUANTUM, contig_mem_span_xalloc,
 695  720              contig_mem_span_free, contig_mem_slab_arena, 0,
 696  721              VM_SLEEP | VM_BESTFIT | VMC_XALIGN);
 697  722  
 698  723          contig_mem_reloc_arena = vmem_xcreate("contig_mem_reloc_arena", NULL, 0,
 699  724              CONTIG_MEM_ARENA_QUANTUM, contig_mem_reloc_span_xalloc,
 700  725              contig_mem_span_free, contig_mem_slab_arena, 0,
 701  726              VM_SLEEP | VM_BESTFIT | VMC_XALIGN);
 702  727  
 703  728          if (contig_mem_prealloc_buf == NULL || vmem_add(contig_mem_arena,
 704  729              contig_mem_prealloc_buf, contig_mem_prealloc_size, VM_SLEEP)
 705  730              == NULL) {
 706  731                  cmn_err(CE_WARN, "Failed to pre-populate contig_mem_arena");
 707  732          }
 708  733  }
 709  734  
 710  735  /*
 711  736   * In calculating how much memory to pre-allocate, we include a small
 712  737   * amount per-CPU to account for per-CPU buffers in line with measured
 713  738   * values for different size systems. contig_mem_prealloc_base_size is
 714  739   * a cpu specific amount to be pre-allocated before considering per-CPU
 715  740   * requirements and memory size. We always pre-allocate a minimum amount
 716  741   * of memory determined by PREALLOC_MIN. Beyond that, we take the minimum
 717  742   * of contig_mem_prealloc_base_size and a small percentage of physical
 718  743   * memory to prevent allocating too much on smaller systems.
 719  744   * contig_mem_prealloc_base_size is global, allowing for the CPU module
 720  745   * to increase its value if necessary.
 721  746   */
 722  747  #define PREALLOC_PER_CPU        (256 * 1024)            /* 256K */
 723  748  #define PREALLOC_PERCENT        (4)                     /* 4% */
 724  749  #define PREALLOC_MIN            (16 * 1024 * 1024)      /* 16M */
 725  750  size_t contig_mem_prealloc_base_size = 0;
 726  751  
 727  752  /*
 728  753   * Called at boot-time allowing pre-allocation of contiguous memory.
 729  754   * The argument 'alloc_base' is the requested base address for the
 730  755   * allocation and originates in startup_memlist.
 731  756   */
 732  757  caddr_t
 733  758  contig_mem_prealloc(caddr_t alloc_base, pgcnt_t npages)
 734  759  {
 735  760          caddr_t chunkp;
 736  761  
 737  762          contig_mem_prealloc_size = MIN((PREALLOC_PER_CPU * ncpu_guest_max) +
 738  763              contig_mem_prealloc_base_size,
 739  764              (ptob(npages) * PREALLOC_PERCENT) / 100);
 740  765          contig_mem_prealloc_size = MAX(contig_mem_prealloc_size, PREALLOC_MIN);
 741  766          contig_mem_prealloc_size = P2ROUNDUP(contig_mem_prealloc_size,
 742  767              MMU_PAGESIZE4M);
 743  768  
 744  769          alloc_base = (caddr_t)roundup((uintptr_t)alloc_base, MMU_PAGESIZE4M);
 745  770          if (prom_alloc(alloc_base, contig_mem_prealloc_size,
 746  771              MMU_PAGESIZE4M) != alloc_base) {
 747  772  
 748  773                  /*
 749  774                   * Failed.  This may mean the physical memory has holes in it
 750  775                   * and it will be more difficult to get large contiguous
 751  776                   * pieces of memory.  Since we only guarantee contiguous
 752  777                   * pieces of memory contig_mem_import_size_max or smaller,
 753  778                   * loop, getting contig_mem_import_size_max at a time, until
 754  779                   * failure or contig_mem_prealloc_size is reached.
 755  780                   */
 756  781                  for (chunkp = alloc_base;
 757  782                      (chunkp - alloc_base) < contig_mem_prealloc_size;
 758  783                      chunkp += contig_mem_import_size_max) {
 759  784  
 760  785                          if (prom_alloc(chunkp, contig_mem_import_size_max,
 761  786                              MMU_PAGESIZE4M) != chunkp) {
 762  787                                  break;
 763  788                          }
 764  789                  }
 765  790                  contig_mem_prealloc_size = chunkp - alloc_base;
 766  791                  ASSERT(contig_mem_prealloc_size != 0);
 767  792          }
  
 768  793  
 769  794          if (contig_mem_prealloc_size != 0) {
 770  795                  contig_mem_prealloc_buf = alloc_base;
 771  796          } else {
 772  797                  contig_mem_prealloc_buf = NULL;
 773  798          }
 774  799          alloc_base += contig_mem_prealloc_size;
 775  800  
 776  801          return (alloc_base);
 777  802  }
 778      -
 779      -static uint_t sp_color_stride = 16;
 780      -static uint_t sp_color_mask = 0x1f;
 781      -static uint_t sp_current_color = (uint_t)-1;
 782      -
 783      -size_t
 784      -exec_get_spslew(void)
 785      -{
 786      -        uint_t spcolor = atomic_inc_32_nv(&sp_current_color);
 787      -        return ((size_t)((spcolor & sp_color_mask) * SA(sp_color_stride)));
 788      -}
    
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX