4 * This file contains the various mmu fetch and update operations.
5 * The most important job they must perform is the mapping between the
6 * domain's pfn and the overall machine mfns.
8 * Xen allows guests to directly update the pagetable, in a controlled
9 * fashion. In other words, the guest modifies the same pagetable
10 * that the CPU actually uses, which eliminates the overhead of having
11 * a separate shadow pagetable.
13 * In order to allow this, it falls on the guest domain to map its
14 * notion of a "physical" pfn - which is just a domain-local linear
15 * address - into a real "machine address" which the CPU's MMU can
18 * A pgd_t/pmd_t/pte_t will typically contain an mfn, and so can be
19 * inserted directly into the pagetable. When creating a new
20 * pte/pmd/pgd, it converts the passed pfn into an mfn. Conversely,
21 * when reading the content back with __(pgd|pmd|pte)_val, it converts
22 * the mfn back into a pfn.
24 * The other constraint is that all pages which make up a pagetable
25 * must be mapped read-only in the guest. This prevents uncontrolled
26 * guest updates to the pagetable. Xen strictly enforces this, and
27 * will disallow any pagetable update which will end up mapping a
28 * pagetable page RW, and will disallow using any writable page as a
31 * Naively, when loading %cr3 with the base of a new pagetable, Xen
32 * would need to validate the whole pagetable before going on.
33 * Naturally, this is quite slow. The solution is to "pin" a
34 * pagetable, which enforces all the constraints on the pagetable even
35 * when it is not actively in use. This menas that Xen can be assured
36 * that it is still valid when you do load it into %cr3, and doesn't
37 * need to revalidate it.
39 * Jeremy Fitzhardinge <jeremy@xensource.com>, XenSource Inc, 2007
41 #include <linux/sched.h>
42 #include <linux/highmem.h>
43 #include <linux/debugfs.h>
44 #include <linux/bug.h>
46 #include <asm/pgtable.h>
47 #include <asm/tlbflush.h>
48 #include <asm/fixmap.h>
49 #include <asm/mmu_context.h>
50 #include <asm/setup.h>
51 #include <asm/paravirt.h>
52 #include <asm/linkage.h>
54 #include <asm/xen/hypercall.h>
55 #include <asm/xen/hypervisor.h>
58 #include <xen/interface/xen.h>
59 #include <xen/interface/version.h>
60 #include <xen/hvc-console.h>
62 #include "multicalls.h"
66 #define MMU_UPDATE_HISTO 30
68 #ifdef CONFIG_XEN_DEBUG_FS
72 u32 pgd_update_pinned;
73 u32 pgd_update_batched;
76 u32 pud_update_pinned;
77 u32 pud_update_batched;
80 u32 pmd_update_pinned;
81 u32 pmd_update_batched;
84 u32 pte_update_pinned;
85 u32 pte_update_batched;
88 u32 mmu_update_extended;
89 u32 mmu_update_histo[MMU_UPDATE_HISTO];
92 u32 prot_commit_batched;
95 u32 set_pte_at_batched;
96 u32 set_pte_at_pinned;
97 u32 set_pte_at_current;
98 u32 set_pte_at_kernel;
101 static u8 zero_stats;
103 static inline void check_zero(void)
105 if (unlikely(zero_stats)) {
106 memset(&mmu_stats, 0, sizeof(mmu_stats));
111 #define ADD_STATS(elem, val) \
112 do { check_zero(); mmu_stats.elem += (val); } while(0)
114 #else /* !CONFIG_XEN_DEBUG_FS */
116 #define ADD_STATS(elem, val) do { (void)(val); } while(0)
118 #endif /* CONFIG_XEN_DEBUG_FS */
122 * Identity map, in addition to plain kernel map. This needs to be
123 * large enough to allocate page table pages to allocate the rest.
124 * Each page can map 2MB.
126 static pte_t level1_ident_pgt[PTRS_PER_PTE * 4] __page_aligned_bss;
129 /* l3 pud for userspace vsyscall mapping */
130 static pud_t level3_user_vsyscall[PTRS_PER_PUD] __page_aligned_bss;
131 #endif /* CONFIG_X86_64 */
134 * Note about cr3 (pagetable base) values:
136 * xen_cr3 contains the current logical cr3 value; it contains the
137 * last set cr3. This may not be the current effective cr3, because
138 * its update may be being lazily deferred. However, a vcpu looking
139 * at its own cr3 can use this value knowing that it everything will
140 * be self-consistent.
142 * xen_current_cr3 contains the actual vcpu cr3; it is set once the
143 * hypercall to set the vcpu cr3 is complete (so it may be a little
144 * out of date, but it will never be set early). If one vcpu is
145 * looking at another vcpu's cr3 value, it should use this variable.
147 DEFINE_PER_CPU(unsigned long, xen_cr3); /* cr3 stored as physaddr */
148 DEFINE_PER_CPU(unsigned long, xen_current_cr3); /* actual vcpu cr3 */
152 * Just beyond the highest usermode address. STACK_TOP_MAX has a
153 * redzone above it, so round it up to a PGD boundary.
155 #define USER_LIMIT ((STACK_TOP_MAX + PGDIR_SIZE - 1) & PGDIR_MASK)
158 #define P2M_ENTRIES_PER_PAGE (PAGE_SIZE / sizeof(unsigned long))
159 #define TOP_ENTRIES (MAX_DOMAIN_PAGES / P2M_ENTRIES_PER_PAGE)
161 /* Placeholder for holes in the address space */
162 static unsigned long p2m_missing[P2M_ENTRIES_PER_PAGE] __page_aligned_data =
163 { [ 0 ... P2M_ENTRIES_PER_PAGE-1 ] = ~0UL };
165 /* Array of pointers to pages containing p2m entries */
166 static unsigned long *p2m_top[TOP_ENTRIES] __page_aligned_data =
167 { [ 0 ... TOP_ENTRIES - 1] = &p2m_missing[0] };
169 /* Arrays of p2m arrays expressed in mfns used for save/restore */
170 static unsigned long p2m_top_mfn[TOP_ENTRIES] __page_aligned_bss;
172 static unsigned long p2m_top_mfn_list[TOP_ENTRIES / P2M_ENTRIES_PER_PAGE]
175 static inline unsigned p2m_top_index(unsigned long pfn)
177 BUG_ON(pfn >= MAX_DOMAIN_PAGES);
178 return pfn / P2M_ENTRIES_PER_PAGE;
181 static inline unsigned p2m_index(unsigned long pfn)
183 return pfn % P2M_ENTRIES_PER_PAGE;
186 /* Build the parallel p2m_top_mfn structures */
187 void xen_setup_mfn_list_list(void)
191 for (pfn = 0; pfn < MAX_DOMAIN_PAGES; pfn += P2M_ENTRIES_PER_PAGE) {
192 unsigned topidx = p2m_top_index(pfn);
194 p2m_top_mfn[topidx] = virt_to_mfn(p2m_top[topidx]);
197 for (idx = 0; idx < ARRAY_SIZE(p2m_top_mfn_list); idx++) {
198 unsigned topidx = idx * P2M_ENTRIES_PER_PAGE;
199 p2m_top_mfn_list[idx] = virt_to_mfn(&p2m_top_mfn[topidx]);
202 BUG_ON(HYPERVISOR_shared_info == &xen_dummy_shared_info);
204 HYPERVISOR_shared_info->arch.pfn_to_mfn_frame_list_list =
205 virt_to_mfn(p2m_top_mfn_list);
206 HYPERVISOR_shared_info->arch.max_pfn = xen_start_info->nr_pages;
209 /* Set up p2m_top to point to the domain-builder provided p2m pages */
210 void __init xen_build_dynamic_phys_to_machine(void)
212 unsigned long *mfn_list = (unsigned long *)xen_start_info->mfn_list;
213 unsigned long max_pfn = min(MAX_DOMAIN_PAGES, xen_start_info->nr_pages);
216 for (pfn = 0; pfn < max_pfn; pfn += P2M_ENTRIES_PER_PAGE) {
217 unsigned topidx = p2m_top_index(pfn);
219 p2m_top[topidx] = &mfn_list[pfn];
223 unsigned long get_phys_to_machine(unsigned long pfn)
225 unsigned topidx, idx;
227 if (unlikely(pfn >= MAX_DOMAIN_PAGES))
228 return INVALID_P2M_ENTRY;
230 topidx = p2m_top_index(pfn);
231 idx = p2m_index(pfn);
232 return p2m_top[topidx][idx];
234 EXPORT_SYMBOL_GPL(get_phys_to_machine);
236 static void alloc_p2m(unsigned long **pp, unsigned long *mfnp)
241 p = (void *)__get_free_page(GFP_KERNEL | __GFP_NOFAIL);
244 for (i = 0; i < P2M_ENTRIES_PER_PAGE; i++)
245 p[i] = INVALID_P2M_ENTRY;
247 if (cmpxchg(pp, p2m_missing, p) != p2m_missing)
248 free_page((unsigned long)p);
250 *mfnp = virt_to_mfn(p);
253 void set_phys_to_machine(unsigned long pfn, unsigned long mfn)
255 unsigned topidx, idx;
257 if (unlikely(xen_feature(XENFEAT_auto_translated_physmap))) {
258 BUG_ON(pfn != mfn && mfn != INVALID_P2M_ENTRY);
262 if (unlikely(pfn >= MAX_DOMAIN_PAGES)) {
263 BUG_ON(mfn != INVALID_P2M_ENTRY);
267 topidx = p2m_top_index(pfn);
268 if (p2m_top[topidx] == p2m_missing) {
269 /* no need to allocate a page to store an invalid entry */
270 if (mfn == INVALID_P2M_ENTRY)
272 alloc_p2m(&p2m_top[topidx], &p2m_top_mfn[topidx]);
275 idx = p2m_index(pfn);
276 p2m_top[topidx][idx] = mfn;
279 xmaddr_t arbitrary_virt_to_machine(void *vaddr)
281 unsigned long address = (unsigned long)vaddr;
287 * if the PFN is in the linear mapped vaddr range, we can just use
288 * the (quick) virt_to_machine() p2m lookup
290 if (virt_addr_valid(vaddr))
291 return virt_to_machine(vaddr);
293 /* otherwise we have to do a (slower) full page-table walk */
295 pte = lookup_address(address, &level);
297 offset = address & ~PAGE_MASK;
298 return XMADDR(((phys_addr_t)pte_mfn(*pte) << PAGE_SHIFT) + offset);
301 void make_lowmem_page_readonly(void *vaddr)
304 unsigned long address = (unsigned long)vaddr;
307 pte = lookup_address(address, &level);
310 ptev = pte_wrprotect(*pte);
312 if (HYPERVISOR_update_va_mapping(address, ptev, 0))
316 void make_lowmem_page_readwrite(void *vaddr)
319 unsigned long address = (unsigned long)vaddr;
322 pte = lookup_address(address, &level);
325 ptev = pte_mkwrite(*pte);
327 if (HYPERVISOR_update_va_mapping(address, ptev, 0))
332 static bool xen_page_pinned(void *ptr)
334 struct page *page = virt_to_page(ptr);
336 return PagePinned(page);
339 static void xen_extend_mmu_update(const struct mmu_update *update)
341 struct multicall_space mcs;
342 struct mmu_update *u;
344 mcs = xen_mc_extend_args(__HYPERVISOR_mmu_update, sizeof(*u));
346 if (mcs.mc != NULL) {
347 ADD_STATS(mmu_update_extended, 1);
348 ADD_STATS(mmu_update_histo[mcs.mc->args[1]], -1);
352 if (mcs.mc->args[1] < MMU_UPDATE_HISTO)
353 ADD_STATS(mmu_update_histo[mcs.mc->args[1]], 1);
355 ADD_STATS(mmu_update_histo[0], 1);
357 ADD_STATS(mmu_update, 1);
358 mcs = __xen_mc_entry(sizeof(*u));
359 MULTI_mmu_update(mcs.mc, mcs.args, 1, NULL, DOMID_SELF);
360 ADD_STATS(mmu_update_histo[1], 1);
367 void xen_set_pmd_hyper(pmd_t *ptr, pmd_t val)
375 /* ptr may be ioremapped for 64-bit pagetable setup */
376 u.ptr = arbitrary_virt_to_machine(ptr).maddr;
377 u.val = pmd_val_ma(val);
378 xen_extend_mmu_update(&u);
380 ADD_STATS(pmd_update_batched, paravirt_get_lazy_mode() == PARAVIRT_LAZY_MMU);
382 xen_mc_issue(PARAVIRT_LAZY_MMU);
387 void xen_set_pmd(pmd_t *ptr, pmd_t val)
389 ADD_STATS(pmd_update, 1);
391 /* If page is not pinned, we can just update the entry
393 if (!xen_page_pinned(ptr)) {
398 ADD_STATS(pmd_update_pinned, 1);
400 xen_set_pmd_hyper(ptr, val);
404 * Associate a virtual page frame with a given physical page frame
405 * and protection flags for that frame.
407 void set_pte_mfn(unsigned long vaddr, unsigned long mfn, pgprot_t flags)
409 set_pte_vaddr(vaddr, mfn_pte(mfn, flags));
412 void xen_set_pte_at(struct mm_struct *mm, unsigned long addr,
413 pte_t *ptep, pte_t pteval)
415 /* updates to init_mm may be done without lock */
419 ADD_STATS(set_pte_at, 1);
420 // ADD_STATS(set_pte_at_pinned, xen_page_pinned(ptep));
421 ADD_STATS(set_pte_at_current, mm == current->mm);
422 ADD_STATS(set_pte_at_kernel, mm == &init_mm);
424 if (mm == current->mm || mm == &init_mm) {
425 if (paravirt_get_lazy_mode() == PARAVIRT_LAZY_MMU) {
426 struct multicall_space mcs;
427 mcs = xen_mc_entry(0);
429 MULTI_update_va_mapping(mcs.mc, addr, pteval, 0);
430 ADD_STATS(set_pte_at_batched, 1);
431 xen_mc_issue(PARAVIRT_LAZY_MMU);
434 if (HYPERVISOR_update_va_mapping(addr, pteval, 0) == 0)
437 xen_set_pte(ptep, pteval);
444 pte_t xen_ptep_modify_prot_start(struct mm_struct *mm,
445 unsigned long addr, pte_t *ptep)
447 /* Just return the pte as-is. We preserve the bits on commit */
451 void xen_ptep_modify_prot_commit(struct mm_struct *mm, unsigned long addr,
452 pte_t *ptep, pte_t pte)
458 u.ptr = arbitrary_virt_to_machine(ptep).maddr | MMU_PT_UPDATE_PRESERVE_AD;
459 u.val = pte_val_ma(pte);
460 xen_extend_mmu_update(&u);
462 ADD_STATS(prot_commit, 1);
463 ADD_STATS(prot_commit_batched, paravirt_get_lazy_mode() == PARAVIRT_LAZY_MMU);
465 xen_mc_issue(PARAVIRT_LAZY_MMU);
468 /* Assume pteval_t is equivalent to all the other *val_t types. */
469 static pteval_t pte_mfn_to_pfn(pteval_t val)
471 if (val & _PAGE_PRESENT) {
472 unsigned long mfn = (val & PTE_PFN_MASK) >> PAGE_SHIFT;
473 pteval_t flags = val & PTE_FLAGS_MASK;
474 val = ((pteval_t)mfn_to_pfn(mfn) << PAGE_SHIFT) | flags;
480 static pteval_t pte_pfn_to_mfn(pteval_t val)
482 if (val & _PAGE_PRESENT) {
483 unsigned long pfn = (val & PTE_PFN_MASK) >> PAGE_SHIFT;
484 pteval_t flags = val & PTE_FLAGS_MASK;
485 val = ((pteval_t)pfn_to_mfn(pfn) << PAGE_SHIFT) | flags;
491 pteval_t xen_pte_val(pte_t pte)
493 return pte_mfn_to_pfn(pte.pte);
496 pgdval_t xen_pgd_val(pgd_t pgd)
498 return pte_mfn_to_pfn(pgd.pgd);
501 pte_t xen_make_pte(pteval_t pte)
503 pte = pte_pfn_to_mfn(pte);
504 return native_make_pte(pte);
507 pgd_t xen_make_pgd(pgdval_t pgd)
509 pgd = pte_pfn_to_mfn(pgd);
510 return native_make_pgd(pgd);
513 pmdval_t xen_pmd_val(pmd_t pmd)
515 return pte_mfn_to_pfn(pmd.pmd);
518 void xen_set_pud_hyper(pud_t *ptr, pud_t val)
526 /* ptr may be ioremapped for 64-bit pagetable setup */
527 u.ptr = arbitrary_virt_to_machine(ptr).maddr;
528 u.val = pud_val_ma(val);
529 xen_extend_mmu_update(&u);
531 ADD_STATS(pud_update_batched, paravirt_get_lazy_mode() == PARAVIRT_LAZY_MMU);
533 xen_mc_issue(PARAVIRT_LAZY_MMU);
538 void xen_set_pud(pud_t *ptr, pud_t val)
540 ADD_STATS(pud_update, 1);
542 /* If page is not pinned, we can just update the entry
544 if (!xen_page_pinned(ptr)) {
549 ADD_STATS(pud_update_pinned, 1);
551 xen_set_pud_hyper(ptr, val);
554 void xen_set_pte(pte_t *ptep, pte_t pte)
556 ADD_STATS(pte_update, 1);
557 // ADD_STATS(pte_update_pinned, xen_page_pinned(ptep));
558 ADD_STATS(pte_update_batched, paravirt_get_lazy_mode() == PARAVIRT_LAZY_MMU);
560 #ifdef CONFIG_X86_PAE
561 ptep->pte_high = pte.pte_high;
563 ptep->pte_low = pte.pte_low;
569 #ifdef CONFIG_X86_PAE
570 void xen_set_pte_atomic(pte_t *ptep, pte_t pte)
572 set_64bit((u64 *)ptep, native_pte_val(pte));
575 void xen_pte_clear(struct mm_struct *mm, unsigned long addr, pte_t *ptep)
578 smp_wmb(); /* make sure low gets written first */
582 void xen_pmd_clear(pmd_t *pmdp)
584 set_pmd(pmdp, __pmd(0));
586 #endif /* CONFIG_X86_PAE */
588 pmd_t xen_make_pmd(pmdval_t pmd)
590 pmd = pte_pfn_to_mfn(pmd);
591 return native_make_pmd(pmd);
594 #if PAGETABLE_LEVELS == 4
595 pudval_t xen_pud_val(pud_t pud)
597 return pte_mfn_to_pfn(pud.pud);
600 pud_t xen_make_pud(pudval_t pud)
602 pud = pte_pfn_to_mfn(pud);
604 return native_make_pud(pud);
607 pgd_t *xen_get_user_pgd(pgd_t *pgd)
609 pgd_t *pgd_page = (pgd_t *)(((unsigned long)pgd) & PAGE_MASK);
610 unsigned offset = pgd - pgd_page;
611 pgd_t *user_ptr = NULL;
613 if (offset < pgd_index(USER_LIMIT)) {
614 struct page *page = virt_to_page(pgd_page);
615 user_ptr = (pgd_t *)page->private;
623 static void __xen_set_pgd_hyper(pgd_t *ptr, pgd_t val)
627 u.ptr = virt_to_machine(ptr).maddr;
628 u.val = pgd_val_ma(val);
629 xen_extend_mmu_update(&u);
633 * Raw hypercall-based set_pgd, intended for in early boot before
634 * there's a page structure. This implies:
635 * 1. The only existing pagetable is the kernel's
636 * 2. It is always pinned
637 * 3. It has no user pagetable attached to it
639 void __init xen_set_pgd_hyper(pgd_t *ptr, pgd_t val)
645 __xen_set_pgd_hyper(ptr, val);
647 xen_mc_issue(PARAVIRT_LAZY_MMU);
652 void xen_set_pgd(pgd_t *ptr, pgd_t val)
654 pgd_t *user_ptr = xen_get_user_pgd(ptr);
656 ADD_STATS(pgd_update, 1);
658 /* If page is not pinned, we can just update the entry
660 if (!xen_page_pinned(ptr)) {
663 WARN_ON(xen_page_pinned(user_ptr));
669 ADD_STATS(pgd_update_pinned, 1);
670 ADD_STATS(pgd_update_batched, paravirt_get_lazy_mode() == PARAVIRT_LAZY_MMU);
672 /* If it's pinned, then we can at least batch the kernel and
673 user updates together. */
676 __xen_set_pgd_hyper(ptr, val);
678 __xen_set_pgd_hyper(user_ptr, val);
680 xen_mc_issue(PARAVIRT_LAZY_MMU);
682 #endif /* PAGETABLE_LEVELS == 4 */
685 * (Yet another) pagetable walker. This one is intended for pinning a
686 * pagetable. This means that it walks a pagetable and calls the
687 * callback function on each page it finds making up the page table,
688 * at every level. It walks the entire pagetable, but it only bothers
689 * pinning pte pages which are below limit. In the normal case this
690 * will be STACK_TOP_MAX, but at boot we need to pin up to
693 * For 32-bit the important bit is that we don't pin beyond there,
694 * because then we start getting into Xen's ptes.
696 * For 64-bit, we must skip the Xen hole in the middle of the address
697 * space, just after the big x86-64 virtual hole.
699 static int __xen_pgd_walk(struct mm_struct *mm, pgd_t *pgd,
700 int (*func)(struct mm_struct *mm, struct page *,
705 unsigned hole_low, hole_high;
706 unsigned pgdidx_limit, pudidx_limit, pmdidx_limit;
707 unsigned pgdidx, pudidx, pmdidx;
709 /* The limit is the last byte to be touched */
711 BUG_ON(limit >= FIXADDR_TOP);
713 if (xen_feature(XENFEAT_auto_translated_physmap))
717 * 64-bit has a great big hole in the middle of the address
718 * space, which contains the Xen mappings. On 32-bit these
719 * will end up making a zero-sized hole and so is a no-op.
721 hole_low = pgd_index(USER_LIMIT);
722 hole_high = pgd_index(PAGE_OFFSET);
724 pgdidx_limit = pgd_index(limit);
726 pudidx_limit = pud_index(limit);
731 pmdidx_limit = pmd_index(limit);
736 for (pgdidx = 0; pgdidx <= pgdidx_limit; pgdidx++) {
739 if (pgdidx >= hole_low && pgdidx < hole_high)
742 if (!pgd_val(pgd[pgdidx]))
745 pud = pud_offset(&pgd[pgdidx], 0);
747 if (PTRS_PER_PUD > 1) /* not folded */
748 flush |= (*func)(mm, virt_to_page(pud), PT_PUD);
750 for (pudidx = 0; pudidx < PTRS_PER_PUD; pudidx++) {
753 if (pgdidx == pgdidx_limit &&
754 pudidx > pudidx_limit)
757 if (pud_none(pud[pudidx]))
760 pmd = pmd_offset(&pud[pudidx], 0);
762 if (PTRS_PER_PMD > 1) /* not folded */
763 flush |= (*func)(mm, virt_to_page(pmd), PT_PMD);
765 for (pmdidx = 0; pmdidx < PTRS_PER_PMD; pmdidx++) {
768 if (pgdidx == pgdidx_limit &&
769 pudidx == pudidx_limit &&
770 pmdidx > pmdidx_limit)
773 if (pmd_none(pmd[pmdidx]))
776 pte = pmd_page(pmd[pmdidx]);
777 flush |= (*func)(mm, pte, PT_PTE);
783 /* Do the top level last, so that the callbacks can use it as
784 a cue to do final things like tlb flushes. */
785 flush |= (*func)(mm, virt_to_page(pgd), PT_PGD);
790 static int xen_pgd_walk(struct mm_struct *mm,
791 int (*func)(struct mm_struct *mm, struct page *,
795 return __xen_pgd_walk(mm, mm->pgd, func, limit);
798 /* If we're using split pte locks, then take the page's lock and
799 return a pointer to it. Otherwise return NULL. */
800 static spinlock_t *xen_pte_lock(struct page *page, struct mm_struct *mm)
802 spinlock_t *ptl = NULL;
804 #if USE_SPLIT_PTLOCKS
805 ptl = __pte_lockptr(page);
806 spin_lock_nest_lock(ptl, &mm->page_table_lock);
812 static void xen_pte_unlock(void *v)
818 static void xen_do_pin(unsigned level, unsigned long pfn)
820 struct mmuext_op *op;
821 struct multicall_space mcs;
823 mcs = __xen_mc_entry(sizeof(*op));
826 op->arg1.mfn = pfn_to_mfn(pfn);
827 MULTI_mmuext_op(mcs.mc, op, 1, NULL, DOMID_SELF);
830 static int xen_pin_page(struct mm_struct *mm, struct page *page,
833 unsigned pgfl = TestSetPagePinned(page);
837 flush = 0; /* already pinned */
838 else if (PageHighMem(page))
839 /* kmaps need flushing if we found an unpinned
843 void *pt = lowmem_page_address(page);
844 unsigned long pfn = page_to_pfn(page);
845 struct multicall_space mcs = __xen_mc_entry(0);
851 * We need to hold the pagetable lock between the time
852 * we make the pagetable RO and when we actually pin
853 * it. If we don't, then other users may come in and
854 * attempt to update the pagetable by writing it,
855 * which will fail because the memory is RO but not
856 * pinned, so Xen won't do the trap'n'emulate.
858 * If we're using split pte locks, we can't hold the
859 * entire pagetable's worth of locks during the
860 * traverse, because we may wrap the preempt count (8
861 * bits). The solution is to mark RO and pin each PTE
862 * page while holding the lock. This means the number
863 * of locks we end up holding is never more than a
864 * batch size (~32 entries, at present).
866 * If we're not using split pte locks, we needn't pin
867 * the PTE pages independently, because we're
868 * protected by the overall pagetable lock.
872 ptl = xen_pte_lock(page, mm);
874 MULTI_update_va_mapping(mcs.mc, (unsigned long)pt,
875 pfn_pte(pfn, PAGE_KERNEL_RO),
876 level == PT_PGD ? UVMF_TLB_FLUSH : 0);
879 xen_do_pin(MMUEXT_PIN_L1_TABLE, pfn);
881 /* Queue a deferred unlock for when this batch
883 xen_mc_callback(xen_pte_unlock, ptl);
890 /* This is called just after a mm has been created, but it has not
891 been used yet. We need to make sure that its pagetable is all
892 read-only, and can be pinned. */
893 static void __xen_pgd_pin(struct mm_struct *mm, pgd_t *pgd)
899 if (__xen_pgd_walk(mm, pgd, xen_pin_page, USER_LIMIT)) {
900 /* re-enable interrupts for flushing */
910 pgd_t *user_pgd = xen_get_user_pgd(pgd);
912 xen_do_pin(MMUEXT_PIN_L4_TABLE, PFN_DOWN(__pa(pgd)));
915 xen_pin_page(mm, virt_to_page(user_pgd), PT_PGD);
916 xen_do_pin(MMUEXT_PIN_L4_TABLE,
917 PFN_DOWN(__pa(user_pgd)));
920 #else /* CONFIG_X86_32 */
921 #ifdef CONFIG_X86_PAE
922 /* Need to make sure unshared kernel PMD is pinnable */
923 xen_pin_page(mm, pgd_page(pgd[pgd_index(TASK_SIZE)]),
926 xen_do_pin(MMUEXT_PIN_L3_TABLE, PFN_DOWN(__pa(pgd)));
927 #endif /* CONFIG_X86_64 */
931 static void xen_pgd_pin(struct mm_struct *mm)
933 __xen_pgd_pin(mm, mm->pgd);
937 * On save, we need to pin all pagetables to make sure they get their
938 * mfns turned into pfns. Search the list for any unpinned pgds and pin
939 * them (unpinned pgds are not currently in use, probably because the
940 * process is under construction or destruction).
942 * Expected to be called in stop_machine() ("equivalent to taking
943 * every spinlock in the system"), so the locking doesn't really
944 * matter all that much.
946 void xen_mm_pin_all(void)
951 spin_lock_irqsave(&pgd_lock, flags);
953 list_for_each_entry(page, &pgd_list, lru) {
954 if (!PagePinned(page)) {
955 __xen_pgd_pin(&init_mm, (pgd_t *)page_address(page));
956 SetPageSavePinned(page);
960 spin_unlock_irqrestore(&pgd_lock, flags);
964 * The init_mm pagetable is really pinned as soon as its created, but
965 * that's before we have page structures to store the bits. So do all
966 * the book-keeping now.
968 static __init int xen_mark_pinned(struct mm_struct *mm, struct page *page,
975 void __init xen_mark_init_mm_pinned(void)
977 xen_pgd_walk(&init_mm, xen_mark_pinned, FIXADDR_TOP);
980 static int xen_unpin_page(struct mm_struct *mm, struct page *page,
983 unsigned pgfl = TestClearPagePinned(page);
985 if (pgfl && !PageHighMem(page)) {
986 void *pt = lowmem_page_address(page);
987 unsigned long pfn = page_to_pfn(page);
988 spinlock_t *ptl = NULL;
989 struct multicall_space mcs;
992 * Do the converse to pin_page. If we're using split
993 * pte locks, we must be holding the lock for while
994 * the pte page is unpinned but still RO to prevent
995 * concurrent updates from seeing it in this
996 * partially-pinned state.
998 if (level == PT_PTE) {
999 ptl = xen_pte_lock(page, mm);
1002 xen_do_pin(MMUEXT_UNPIN_TABLE, pfn);
1005 mcs = __xen_mc_entry(0);
1007 MULTI_update_va_mapping(mcs.mc, (unsigned long)pt,
1008 pfn_pte(pfn, PAGE_KERNEL),
1009 level == PT_PGD ? UVMF_TLB_FLUSH : 0);
1012 /* unlock when batch completed */
1013 xen_mc_callback(xen_pte_unlock, ptl);
1017 return 0; /* never need to flush on unpin */
1020 /* Release a pagetables pages back as normal RW */
1021 static void __xen_pgd_unpin(struct mm_struct *mm, pgd_t *pgd)
1025 xen_do_pin(MMUEXT_UNPIN_TABLE, PFN_DOWN(__pa(pgd)));
1027 #ifdef CONFIG_X86_64
1029 pgd_t *user_pgd = xen_get_user_pgd(pgd);
1032 xen_do_pin(MMUEXT_UNPIN_TABLE,
1033 PFN_DOWN(__pa(user_pgd)));
1034 xen_unpin_page(mm, virt_to_page(user_pgd), PT_PGD);
1039 #ifdef CONFIG_X86_PAE
1040 /* Need to make sure unshared kernel PMD is unpinned */
1041 xen_unpin_page(mm, pgd_page(pgd[pgd_index(TASK_SIZE)]),
1045 __xen_pgd_walk(mm, pgd, xen_unpin_page, USER_LIMIT);
1050 static void xen_pgd_unpin(struct mm_struct *mm)
1052 __xen_pgd_unpin(mm, mm->pgd);
1056 * On resume, undo any pinning done at save, so that the rest of the
1057 * kernel doesn't see any unexpected pinned pagetables.
1059 void xen_mm_unpin_all(void)
1061 unsigned long flags;
1064 spin_lock_irqsave(&pgd_lock, flags);
1066 list_for_each_entry(page, &pgd_list, lru) {
1067 if (PageSavePinned(page)) {
1068 BUG_ON(!PagePinned(page));
1069 __xen_pgd_unpin(&init_mm, (pgd_t *)page_address(page));
1070 ClearPageSavePinned(page);
1074 spin_unlock_irqrestore(&pgd_lock, flags);
1077 void xen_activate_mm(struct mm_struct *prev, struct mm_struct *next)
1079 spin_lock(&next->page_table_lock);
1081 spin_unlock(&next->page_table_lock);
1084 void xen_dup_mmap(struct mm_struct *oldmm, struct mm_struct *mm)
1086 spin_lock(&mm->page_table_lock);
1088 spin_unlock(&mm->page_table_lock);
1093 /* Another cpu may still have their %cr3 pointing at the pagetable, so
1094 we need to repoint it somewhere else before we can unpin it. */
1095 static void drop_other_mm_ref(void *info)
1097 struct mm_struct *mm = info;
1098 struct mm_struct *active_mm;
1100 active_mm = percpu_read(cpu_tlbstate.active_mm);
1102 if (active_mm == mm)
1103 leave_mm(smp_processor_id());
1105 /* If this cpu still has a stale cr3 reference, then make sure
1106 it has been flushed. */
1107 if (percpu_read(xen_current_cr3) == __pa(mm->pgd)) {
1108 load_cr3(swapper_pg_dir);
1109 arch_flush_lazy_cpu_mode();
1113 static void xen_drop_mm_ref(struct mm_struct *mm)
1118 if (current->active_mm == mm) {
1119 if (current->mm == mm)
1120 load_cr3(swapper_pg_dir);
1122 leave_mm(smp_processor_id());
1123 arch_flush_lazy_cpu_mode();
1126 /* Get the "official" set of cpus referring to our pagetable. */
1127 if (!alloc_cpumask_var(&mask, GFP_ATOMIC)) {
1128 for_each_online_cpu(cpu) {
1129 if (!cpumask_test_cpu(cpu, &mm->cpu_vm_mask)
1130 && per_cpu(xen_current_cr3, cpu) != __pa(mm->pgd))
1132 smp_call_function_single(cpu, drop_other_mm_ref, mm, 1);
1136 cpumask_copy(mask, &mm->cpu_vm_mask);
1138 /* It's possible that a vcpu may have a stale reference to our
1139 cr3, because its in lazy mode, and it hasn't yet flushed
1140 its set of pending hypercalls yet. In this case, we can
1141 look at its actual current cr3 value, and force it to flush
1143 for_each_online_cpu(cpu) {
1144 if (per_cpu(xen_current_cr3, cpu) == __pa(mm->pgd))
1145 cpumask_set_cpu(cpu, mask);
1148 if (!cpumask_empty(mask))
1149 smp_call_function_many(mask, drop_other_mm_ref, mm, 1);
1150 free_cpumask_var(mask);
1153 static void xen_drop_mm_ref(struct mm_struct *mm)
1155 if (current->active_mm == mm)
1156 load_cr3(swapper_pg_dir);
1161 * While a process runs, Xen pins its pagetables, which means that the
1162 * hypervisor forces it to be read-only, and it controls all updates
1163 * to it. This means that all pagetable updates have to go via the
1164 * hypervisor, which is moderately expensive.
1166 * Since we're pulling the pagetable down, we switch to use init_mm,
1167 * unpin old process pagetable and mark it all read-write, which
1168 * allows further operations on it to be simple memory accesses.
1170 * The only subtle point is that another CPU may be still using the
1171 * pagetable because of lazy tlb flushing. This means we need need to
1172 * switch all CPUs off this pagetable before we can unpin it.
1174 void xen_exit_mmap(struct mm_struct *mm)
1176 get_cpu(); /* make sure we don't move around */
1177 xen_drop_mm_ref(mm);
1180 spin_lock(&mm->page_table_lock);
1182 /* pgd may not be pinned in the error exit path of execve */
1183 if (xen_page_pinned(mm->pgd))
1186 spin_unlock(&mm->page_table_lock);
1189 static __init void xen_pagetable_setup_start(pgd_t *base)
1193 static __init void xen_pagetable_setup_done(pgd_t *base)
1195 xen_setup_shared_info();
1198 static void xen_write_cr2(unsigned long cr2)
1200 percpu_read(xen_vcpu)->arch.cr2 = cr2;
1203 static unsigned long xen_read_cr2(void)
1205 return percpu_read(xen_vcpu)->arch.cr2;
1208 unsigned long xen_read_cr2_direct(void)
1210 return percpu_read(xen_vcpu_info.arch.cr2);
1213 static void xen_flush_tlb(void)
1215 struct mmuext_op *op;
1216 struct multicall_space mcs;
1220 mcs = xen_mc_entry(sizeof(*op));
1223 op->cmd = MMUEXT_TLB_FLUSH_LOCAL;
1224 MULTI_mmuext_op(mcs.mc, op, 1, NULL, DOMID_SELF);
1226 xen_mc_issue(PARAVIRT_LAZY_MMU);
1231 static void xen_flush_tlb_single(unsigned long addr)
1233 struct mmuext_op *op;
1234 struct multicall_space mcs;
1238 mcs = xen_mc_entry(sizeof(*op));
1240 op->cmd = MMUEXT_INVLPG_LOCAL;
1241 op->arg1.linear_addr = addr & PAGE_MASK;
1242 MULTI_mmuext_op(mcs.mc, op, 1, NULL, DOMID_SELF);
1244 xen_mc_issue(PARAVIRT_LAZY_MMU);
1249 static void xen_flush_tlb_others(const struct cpumask *cpus,
1250 struct mm_struct *mm, unsigned long va)
1253 struct mmuext_op op;
1254 DECLARE_BITMAP(mask, NR_CPUS);
1256 struct multicall_space mcs;
1258 BUG_ON(cpumask_empty(cpus));
1261 mcs = xen_mc_entry(sizeof(*args));
1263 args->op.arg2.vcpumask = to_cpumask(args->mask);
1265 /* Remove us, and any offline CPUS. */
1266 cpumask_and(to_cpumask(args->mask), cpus, cpu_online_mask);
1267 cpumask_clear_cpu(smp_processor_id(), to_cpumask(args->mask));
1268 if (unlikely(cpumask_empty(to_cpumask(args->mask))))
1271 if (va == TLB_FLUSH_ALL) {
1272 args->op.cmd = MMUEXT_TLB_FLUSH_MULTI;
1274 args->op.cmd = MMUEXT_INVLPG_MULTI;
1275 args->op.arg1.linear_addr = va;
1278 MULTI_mmuext_op(mcs.mc, &args->op, 1, NULL, DOMID_SELF);
1281 xen_mc_issue(PARAVIRT_LAZY_MMU);
1284 static unsigned long xen_read_cr3(void)
1286 return percpu_read(xen_cr3);
1289 static void set_current_cr3(void *v)
1291 percpu_write(xen_current_cr3, (unsigned long)v);
1294 static void __xen_write_cr3(bool kernel, unsigned long cr3)
1296 struct mmuext_op *op;
1297 struct multicall_space mcs;
1301 mfn = pfn_to_mfn(PFN_DOWN(cr3));
1305 WARN_ON(mfn == 0 && kernel);
1307 mcs = __xen_mc_entry(sizeof(*op));
1310 op->cmd = kernel ? MMUEXT_NEW_BASEPTR : MMUEXT_NEW_USER_BASEPTR;
1313 MULTI_mmuext_op(mcs.mc, op, 1, NULL, DOMID_SELF);
1316 percpu_write(xen_cr3, cr3);
1318 /* Update xen_current_cr3 once the batch has actually
1320 xen_mc_callback(set_current_cr3, (void *)cr3);
1324 static void xen_write_cr3(unsigned long cr3)
1326 BUG_ON(preemptible());
1328 xen_mc_batch(); /* disables interrupts */
1330 /* Update while interrupts are disabled, so its atomic with
1332 percpu_write(xen_cr3, cr3);
1334 __xen_write_cr3(true, cr3);
1336 #ifdef CONFIG_X86_64
1338 pgd_t *user_pgd = xen_get_user_pgd(__va(cr3));
1340 __xen_write_cr3(false, __pa(user_pgd));
1342 __xen_write_cr3(false, 0);
1346 xen_mc_issue(PARAVIRT_LAZY_CPU); /* interrupts restored */
1349 static int xen_pgd_alloc(struct mm_struct *mm)
1351 pgd_t *pgd = mm->pgd;
1354 BUG_ON(PagePinned(virt_to_page(pgd)));
1356 #ifdef CONFIG_X86_64
1358 struct page *page = virt_to_page(pgd);
1361 BUG_ON(page->private != 0);
1365 user_pgd = (pgd_t *)__get_free_page(GFP_KERNEL | __GFP_ZERO);
1366 page->private = (unsigned long)user_pgd;
1368 if (user_pgd != NULL) {
1369 user_pgd[pgd_index(VSYSCALL_START)] =
1370 __pgd(__pa(level3_user_vsyscall) | _PAGE_TABLE);
1374 BUG_ON(PagePinned(virt_to_page(xen_get_user_pgd(pgd))));
1381 static void xen_pgd_free(struct mm_struct *mm, pgd_t *pgd)
1383 #ifdef CONFIG_X86_64
1384 pgd_t *user_pgd = xen_get_user_pgd(pgd);
1387 free_page((unsigned long)user_pgd);
1392 /* Early in boot, while setting up the initial pagetable, assume
1393 everything is pinned. */
1394 static __init void xen_alloc_pte_init(struct mm_struct *mm, unsigned long pfn)
1396 #ifdef CONFIG_FLATMEM
1397 BUG_ON(mem_map); /* should only be used early */
1399 make_lowmem_page_readonly(__va(PFN_PHYS(pfn)));
1402 /* Early release_pte assumes that all pts are pinned, since there's
1403 only init_mm and anything attached to that is pinned. */
1404 static void xen_release_pte_init(unsigned long pfn)
1406 make_lowmem_page_readwrite(__va(PFN_PHYS(pfn)));
1409 static void pin_pagetable_pfn(unsigned cmd, unsigned long pfn)
1411 struct mmuext_op op;
1413 op.arg1.mfn = pfn_to_mfn(pfn);
1414 if (HYPERVISOR_mmuext_op(&op, 1, NULL, DOMID_SELF))
1418 /* This needs to make sure the new pte page is pinned iff its being
1419 attached to a pinned pagetable. */
1420 static void xen_alloc_ptpage(struct mm_struct *mm, unsigned long pfn, unsigned level)
1422 struct page *page = pfn_to_page(pfn);
1424 if (PagePinned(virt_to_page(mm->pgd))) {
1425 SetPagePinned(page);
1428 if (!PageHighMem(page)) {
1429 make_lowmem_page_readonly(__va(PFN_PHYS((unsigned long)pfn)));
1430 if (level == PT_PTE && USE_SPLIT_PTLOCKS)
1431 pin_pagetable_pfn(MMUEXT_PIN_L1_TABLE, pfn);
1433 /* make sure there are no stray mappings of
1435 kmap_flush_unused();
1440 static void xen_alloc_pte(struct mm_struct *mm, unsigned long pfn)
1442 xen_alloc_ptpage(mm, pfn, PT_PTE);
1445 static void xen_alloc_pmd(struct mm_struct *mm, unsigned long pfn)
1447 xen_alloc_ptpage(mm, pfn, PT_PMD);
1450 /* This should never happen until we're OK to use struct page */
1451 static void xen_release_ptpage(unsigned long pfn, unsigned level)
1453 struct page *page = pfn_to_page(pfn);
1455 if (PagePinned(page)) {
1456 if (!PageHighMem(page)) {
1457 if (level == PT_PTE && USE_SPLIT_PTLOCKS)
1458 pin_pagetable_pfn(MMUEXT_UNPIN_TABLE, pfn);
1459 make_lowmem_page_readwrite(__va(PFN_PHYS(pfn)));
1461 ClearPagePinned(page);
1465 static void xen_release_pte(unsigned long pfn)
1467 xen_release_ptpage(pfn, PT_PTE);
1470 static void xen_release_pmd(unsigned long pfn)
1472 xen_release_ptpage(pfn, PT_PMD);
1475 #if PAGETABLE_LEVELS == 4
1476 static void xen_alloc_pud(struct mm_struct *mm, unsigned long pfn)
1478 xen_alloc_ptpage(mm, pfn, PT_PUD);
1481 static void xen_release_pud(unsigned long pfn)
1483 xen_release_ptpage(pfn, PT_PUD);
1487 void __init xen_reserve_top(void)
1489 #ifdef CONFIG_X86_32
1490 unsigned long top = HYPERVISOR_VIRT_START;
1491 struct xen_platform_parameters pp;
1493 if (HYPERVISOR_xen_version(XENVER_platform_parameters, &pp) == 0)
1494 top = pp.virt_start;
1496 reserve_top_address(-top);
1497 #endif /* CONFIG_X86_32 */
1501 * Like __va(), but returns address in the kernel mapping (which is
1502 * all we have until the physical memory mapping has been set up.
1504 static void *__ka(phys_addr_t paddr)
1506 #ifdef CONFIG_X86_64
1507 return (void *)(paddr + __START_KERNEL_map);
1513 /* Convert a machine address to physical address */
1514 static unsigned long m2p(phys_addr_t maddr)
1518 maddr &= PTE_PFN_MASK;
1519 paddr = mfn_to_pfn(maddr >> PAGE_SHIFT) << PAGE_SHIFT;
1524 /* Convert a machine address to kernel virtual */
1525 static void *m2v(phys_addr_t maddr)
1527 return __ka(m2p(maddr));
1530 static void set_page_prot(void *addr, pgprot_t prot)
1532 unsigned long pfn = __pa(addr) >> PAGE_SHIFT;
1533 pte_t pte = pfn_pte(pfn, prot);
1535 if (HYPERVISOR_update_va_mapping((unsigned long)addr, pte, 0))
1539 static __init void xen_map_identity_early(pmd_t *pmd, unsigned long max_pfn)
1541 unsigned pmdidx, pteidx;
1547 for (pmdidx = 0; pmdidx < PTRS_PER_PMD && pfn < max_pfn; pmdidx++) {
1550 /* Reuse or allocate a page of ptes */
1551 if (pmd_present(pmd[pmdidx]))
1552 pte_page = m2v(pmd[pmdidx].pmd);
1554 /* Check for free pte pages */
1555 if (ident_pte == ARRAY_SIZE(level1_ident_pgt))
1558 pte_page = &level1_ident_pgt[ident_pte];
1559 ident_pte += PTRS_PER_PTE;
1561 pmd[pmdidx] = __pmd(__pa(pte_page) | _PAGE_TABLE);
1564 /* Install mappings */
1565 for (pteidx = 0; pteidx < PTRS_PER_PTE; pteidx++, pfn++) {
1568 if (pfn > max_pfn_mapped)
1569 max_pfn_mapped = pfn;
1571 if (!pte_none(pte_page[pteidx]))
1574 pte = pfn_pte(pfn, PAGE_KERNEL_EXEC);
1575 pte_page[pteidx] = pte;
1579 for (pteidx = 0; pteidx < ident_pte; pteidx += PTRS_PER_PTE)
1580 set_page_prot(&level1_ident_pgt[pteidx], PAGE_KERNEL_RO);
1582 set_page_prot(pmd, PAGE_KERNEL_RO);
1585 #ifdef CONFIG_X86_64
1586 static void convert_pfn_mfn(void *v)
1591 /* All levels are converted the same way, so just treat them
1593 for (i = 0; i < PTRS_PER_PTE; i++)
1594 pte[i] = xen_make_pte(pte[i].pte);
1598 * Set up the inital kernel pagetable.
1600 * We can construct this by grafting the Xen provided pagetable into
1601 * head_64.S's preconstructed pagetables. We copy the Xen L2's into
1602 * level2_ident_pgt, level2_kernel_pgt and level2_fixmap_pgt. This
1603 * means that only the kernel has a physical mapping to start with -
1604 * but that's enough to get __va working. We need to fill in the rest
1605 * of the physical mapping once some sort of allocator has been set
1608 __init pgd_t *xen_setup_kernel_pagetable(pgd_t *pgd,
1609 unsigned long max_pfn)
1614 /* Zap identity mapping */
1615 init_level4_pgt[0] = __pgd(0);
1617 /* Pre-constructed entries are in pfn, so convert to mfn */
1618 convert_pfn_mfn(init_level4_pgt);
1619 convert_pfn_mfn(level3_ident_pgt);
1620 convert_pfn_mfn(level3_kernel_pgt);
1622 l3 = m2v(pgd[pgd_index(__START_KERNEL_map)].pgd);
1623 l2 = m2v(l3[pud_index(__START_KERNEL_map)].pud);
1625 memcpy(level2_ident_pgt, l2, sizeof(pmd_t) * PTRS_PER_PMD);
1626 memcpy(level2_kernel_pgt, l2, sizeof(pmd_t) * PTRS_PER_PMD);
1628 l3 = m2v(pgd[pgd_index(__START_KERNEL_map + PMD_SIZE)].pgd);
1629 l2 = m2v(l3[pud_index(__START_KERNEL_map + PMD_SIZE)].pud);
1630 memcpy(level2_fixmap_pgt, l2, sizeof(pmd_t) * PTRS_PER_PMD);
1632 /* Set up identity map */
1633 xen_map_identity_early(level2_ident_pgt, max_pfn);
1635 /* Make pagetable pieces RO */
1636 set_page_prot(init_level4_pgt, PAGE_KERNEL_RO);
1637 set_page_prot(level3_ident_pgt, PAGE_KERNEL_RO);
1638 set_page_prot(level3_kernel_pgt, PAGE_KERNEL_RO);
1639 set_page_prot(level3_user_vsyscall, PAGE_KERNEL_RO);
1640 set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO);
1641 set_page_prot(level2_fixmap_pgt, PAGE_KERNEL_RO);
1643 /* Pin down new L4 */
1644 pin_pagetable_pfn(MMUEXT_PIN_L4_TABLE,
1645 PFN_DOWN(__pa_symbol(init_level4_pgt)));
1647 /* Unpin Xen-provided one */
1648 pin_pagetable_pfn(MMUEXT_UNPIN_TABLE, PFN_DOWN(__pa(pgd)));
1651 pgd = init_level4_pgt;
1654 * At this stage there can be no user pgd, and no page
1655 * structure to attach it to, so make sure we just set kernel
1659 __xen_write_cr3(true, __pa(pgd));
1660 xen_mc_issue(PARAVIRT_LAZY_CPU);
1662 reserve_early(__pa(xen_start_info->pt_base),
1663 __pa(xen_start_info->pt_base +
1664 xen_start_info->nr_pt_frames * PAGE_SIZE),
1669 #else /* !CONFIG_X86_64 */
1670 static pmd_t level2_kernel_pgt[PTRS_PER_PMD] __page_aligned_bss;
1672 __init pgd_t *xen_setup_kernel_pagetable(pgd_t *pgd,
1673 unsigned long max_pfn)
1677 init_pg_tables_start = __pa(pgd);
1678 init_pg_tables_end = __pa(pgd) + xen_start_info->nr_pt_frames*PAGE_SIZE;
1679 max_pfn_mapped = PFN_DOWN(init_pg_tables_end + 512*1024);
1681 kernel_pmd = m2v(pgd[KERNEL_PGD_BOUNDARY].pgd);
1682 memcpy(level2_kernel_pgt, kernel_pmd, sizeof(pmd_t) * PTRS_PER_PMD);
1684 xen_map_identity_early(level2_kernel_pgt, max_pfn);
1686 memcpy(swapper_pg_dir, pgd, sizeof(pgd_t) * PTRS_PER_PGD);
1687 set_pgd(&swapper_pg_dir[KERNEL_PGD_BOUNDARY],
1688 __pgd(__pa(level2_kernel_pgt) | _PAGE_PRESENT));
1690 set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO);
1691 set_page_prot(swapper_pg_dir, PAGE_KERNEL_RO);
1692 set_page_prot(empty_zero_page, PAGE_KERNEL_RO);
1694 pin_pagetable_pfn(MMUEXT_UNPIN_TABLE, PFN_DOWN(__pa(pgd)));
1696 xen_write_cr3(__pa(swapper_pg_dir));
1698 pin_pagetable_pfn(MMUEXT_PIN_L3_TABLE, PFN_DOWN(__pa(swapper_pg_dir)));
1700 return swapper_pg_dir;
1702 #endif /* CONFIG_X86_64 */
1704 static void xen_set_fixmap(unsigned idx, unsigned long phys, pgprot_t prot)
1708 phys >>= PAGE_SHIFT;
1711 case FIX_BTMAP_END ... FIX_BTMAP_BEGIN:
1712 #ifdef CONFIG_X86_F00F_BUG
1715 #ifdef CONFIG_X86_32
1718 # ifdef CONFIG_HIGHMEM
1719 case FIX_KMAP_BEGIN ... FIX_KMAP_END:
1722 case VSYSCALL_LAST_PAGE ... VSYSCALL_FIRST_PAGE:
1724 #ifdef CONFIG_X86_LOCAL_APIC
1725 case FIX_APIC_BASE: /* maps dummy local APIC */
1727 pte = pfn_pte(phys, prot);
1731 pte = mfn_pte(phys, prot);
1735 __native_set_fixmap(idx, pte);
1737 #ifdef CONFIG_X86_64
1738 /* Replicate changes to map the vsyscall page into the user
1739 pagetable vsyscall mapping. */
1740 if (idx >= VSYSCALL_LAST_PAGE && idx <= VSYSCALL_FIRST_PAGE) {
1741 unsigned long vaddr = __fix_to_virt(idx);
1742 set_pte_vaddr_pud(level3_user_vsyscall, vaddr, pte);
1747 __init void xen_post_allocator_init(void)
1749 pv_mmu_ops.set_pte = xen_set_pte;
1750 pv_mmu_ops.set_pmd = xen_set_pmd;
1751 pv_mmu_ops.set_pud = xen_set_pud;
1752 #if PAGETABLE_LEVELS == 4
1753 pv_mmu_ops.set_pgd = xen_set_pgd;
1756 /* This will work as long as patching hasn't happened yet
1757 (which it hasn't) */
1758 pv_mmu_ops.alloc_pte = xen_alloc_pte;
1759 pv_mmu_ops.alloc_pmd = xen_alloc_pmd;
1760 pv_mmu_ops.release_pte = xen_release_pte;
1761 pv_mmu_ops.release_pmd = xen_release_pmd;
1762 #if PAGETABLE_LEVELS == 4
1763 pv_mmu_ops.alloc_pud = xen_alloc_pud;
1764 pv_mmu_ops.release_pud = xen_release_pud;
1767 #ifdef CONFIG_X86_64
1768 SetPagePinned(virt_to_page(level3_user_vsyscall));
1770 xen_mark_init_mm_pinned();
1774 const struct pv_mmu_ops xen_mmu_ops __initdata = {
1775 .pagetable_setup_start = xen_pagetable_setup_start,
1776 .pagetable_setup_done = xen_pagetable_setup_done,
1778 .read_cr2 = xen_read_cr2,
1779 .write_cr2 = xen_write_cr2,
1781 .read_cr3 = xen_read_cr3,
1782 .write_cr3 = xen_write_cr3,
1784 .flush_tlb_user = xen_flush_tlb,
1785 .flush_tlb_kernel = xen_flush_tlb,
1786 .flush_tlb_single = xen_flush_tlb_single,
1787 .flush_tlb_others = xen_flush_tlb_others,
1789 .pte_update = paravirt_nop,
1790 .pte_update_defer = paravirt_nop,
1792 .pgd_alloc = xen_pgd_alloc,
1793 .pgd_free = xen_pgd_free,
1795 .alloc_pte = xen_alloc_pte_init,
1796 .release_pte = xen_release_pte_init,
1797 .alloc_pmd = xen_alloc_pte_init,
1798 .alloc_pmd_clone = paravirt_nop,
1799 .release_pmd = xen_release_pte_init,
1801 #ifdef CONFIG_HIGHPTE
1802 .kmap_atomic_pte = xen_kmap_atomic_pte,
1805 #ifdef CONFIG_X86_64
1806 .set_pte = xen_set_pte,
1808 .set_pte = xen_set_pte_init,
1810 .set_pte_at = xen_set_pte_at,
1811 .set_pmd = xen_set_pmd_hyper,
1813 .ptep_modify_prot_start = __ptep_modify_prot_start,
1814 .ptep_modify_prot_commit = __ptep_modify_prot_commit,
1816 .pte_val = xen_pte_val,
1817 .pgd_val = xen_pgd_val,
1819 .make_pte = xen_make_pte,
1820 .make_pgd = xen_make_pgd,
1822 #ifdef CONFIG_X86_PAE
1823 .set_pte_atomic = xen_set_pte_atomic,
1824 .set_pte_present = xen_set_pte_at,
1825 .pte_clear = xen_pte_clear,
1826 .pmd_clear = xen_pmd_clear,
1827 #endif /* CONFIG_X86_PAE */
1828 .set_pud = xen_set_pud_hyper,
1830 .make_pmd = xen_make_pmd,
1831 .pmd_val = xen_pmd_val,
1833 #if PAGETABLE_LEVELS == 4
1834 .pud_val = xen_pud_val,
1835 .make_pud = xen_make_pud,
1836 .set_pgd = xen_set_pgd_hyper,
1838 .alloc_pud = xen_alloc_pte_init,
1839 .release_pud = xen_release_pte_init,
1840 #endif /* PAGETABLE_LEVELS == 4 */
1842 .activate_mm = xen_activate_mm,
1843 .dup_mmap = xen_dup_mmap,
1844 .exit_mmap = xen_exit_mmap,
1847 .enter = paravirt_enter_lazy_mmu,
1848 .leave = xen_leave_lazy,
1851 .set_fixmap = xen_set_fixmap,
1855 #ifdef CONFIG_XEN_DEBUG_FS
1857 static struct dentry *d_mmu_debug;
1859 static int __init xen_mmu_debugfs(void)
1861 struct dentry *d_xen = xen_init_debugfs();
1866 d_mmu_debug = debugfs_create_dir("mmu", d_xen);
1868 debugfs_create_u8("zero_stats", 0644, d_mmu_debug, &zero_stats);
1870 debugfs_create_u32("pgd_update", 0444, d_mmu_debug, &mmu_stats.pgd_update);
1871 debugfs_create_u32("pgd_update_pinned", 0444, d_mmu_debug,
1872 &mmu_stats.pgd_update_pinned);
1873 debugfs_create_u32("pgd_update_batched", 0444, d_mmu_debug,
1874 &mmu_stats.pgd_update_pinned);
1876 debugfs_create_u32("pud_update", 0444, d_mmu_debug, &mmu_stats.pud_update);
1877 debugfs_create_u32("pud_update_pinned", 0444, d_mmu_debug,
1878 &mmu_stats.pud_update_pinned);
1879 debugfs_create_u32("pud_update_batched", 0444, d_mmu_debug,
1880 &mmu_stats.pud_update_pinned);
1882 debugfs_create_u32("pmd_update", 0444, d_mmu_debug, &mmu_stats.pmd_update);
1883 debugfs_create_u32("pmd_update_pinned", 0444, d_mmu_debug,
1884 &mmu_stats.pmd_update_pinned);
1885 debugfs_create_u32("pmd_update_batched", 0444, d_mmu_debug,
1886 &mmu_stats.pmd_update_pinned);
1888 debugfs_create_u32("pte_update", 0444, d_mmu_debug, &mmu_stats.pte_update);
1889 // debugfs_create_u32("pte_update_pinned", 0444, d_mmu_debug,
1890 // &mmu_stats.pte_update_pinned);
1891 debugfs_create_u32("pte_update_batched", 0444, d_mmu_debug,
1892 &mmu_stats.pte_update_pinned);
1894 debugfs_create_u32("mmu_update", 0444, d_mmu_debug, &mmu_stats.mmu_update);
1895 debugfs_create_u32("mmu_update_extended", 0444, d_mmu_debug,
1896 &mmu_stats.mmu_update_extended);
1897 xen_debugfs_create_u32_array("mmu_update_histo", 0444, d_mmu_debug,
1898 mmu_stats.mmu_update_histo, 20);
1900 debugfs_create_u32("set_pte_at", 0444, d_mmu_debug, &mmu_stats.set_pte_at);
1901 debugfs_create_u32("set_pte_at_batched", 0444, d_mmu_debug,
1902 &mmu_stats.set_pte_at_batched);
1903 debugfs_create_u32("set_pte_at_current", 0444, d_mmu_debug,
1904 &mmu_stats.set_pte_at_current);
1905 debugfs_create_u32("set_pte_at_kernel", 0444, d_mmu_debug,
1906 &mmu_stats.set_pte_at_kernel);
1908 debugfs_create_u32("prot_commit", 0444, d_mmu_debug, &mmu_stats.prot_commit);
1909 debugfs_create_u32("prot_commit_batched", 0444, d_mmu_debug,
1910 &mmu_stats.prot_commit_batched);
1914 fs_initcall(xen_mmu_debugfs);
1916 #endif /* CONFIG_XEN_DEBUG_FS */
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob