1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright 2015-2016, Aneesh Kumar K.V, IBM Corporation.
4 */
5
6 #include <linux/sched.h>
7 #include <linux/mm_types.h>
8 #include <linux/memblock.h>
9 #include <linux/memremap.h>
10 #include <linux/pkeys.h>
11 #include <linux/debugfs.h>
12 #include <misc/cxl-base.h>
13
14 #include <asm/pgalloc.h>
15 #include <asm/tlb.h>
16 #include <asm/trace.h>
17 #include <asm/powernv.h>
18 #include <asm/firmware.h>
19 #include <asm/ultravisor.h>
20 #include <asm/kexec.h>
21
22 #include <mm/mmu_decl.h>
23 #include <trace/events/thp.h>
24
25 #include "internal.h"
26
27 struct mmu_psize_def mmu_psize_defs[MMU_PAGE_COUNT];
28 EXPORT_SYMBOL_GPL(mmu_psize_defs);
29
30 #ifdef CONFIG_SPARSEMEM_VMEMMAP
31 int mmu_vmemmap_psize = MMU_PAGE_4K;
32 #endif
33
34 unsigned long __pmd_frag_nr;
35 EXPORT_SYMBOL(__pmd_frag_nr);
36 unsigned long __pmd_frag_size_shift;
37 EXPORT_SYMBOL(__pmd_frag_size_shift);
38
39 #ifdef CONFIG_TRANSPARENT_HUGEPAGE
40 /*
41 * This is called when relaxing access to a hugepage. It's also called in the page
42 * fault path when we don't hit any of the major fault cases, ie, a minor
43 * update of _PAGE_ACCESSED, _PAGE_DIRTY, etc... The generic code will have
44 * handled those two for us, we additionally deal with missing execute
45 * permission here on some processors
46 */
pmdp_set_access_flags(struct vm_area_struct * vma,unsigned long address,pmd_t * pmdp,pmd_t entry,int dirty)47 int pmdp_set_access_flags(struct vm_area_struct *vma, unsigned long address,
48 pmd_t *pmdp, pmd_t entry, int dirty)
49 {
50 int changed;
51 #ifdef CONFIG_DEBUG_VM
52 WARN_ON(!pmd_trans_huge(*pmdp) && !pmd_devmap(*pmdp));
53 assert_spin_locked(pmd_lockptr(vma->vm_mm, pmdp));
54 #endif
55 changed = !pmd_same(*(pmdp), entry);
56 if (changed) {
57 /*
58 * We can use MMU_PAGE_2M here, because only radix
59 * path look at the psize.
60 */
61 __ptep_set_access_flags(vma, pmdp_ptep(pmdp),
62 pmd_pte(entry), address, MMU_PAGE_2M);
63 }
64 return changed;
65 }
66
pmdp_test_and_clear_young(struct vm_area_struct * vma,unsigned long address,pmd_t * pmdp)67 int pmdp_test_and_clear_young(struct vm_area_struct *vma,
68 unsigned long address, pmd_t *pmdp)
69 {
70 return __pmdp_test_and_clear_young(vma->vm_mm, address, pmdp);
71 }
72 /*
73 * set a new huge pmd. We should not be called for updating
74 * an existing pmd entry. That should go via pmd_hugepage_update.
75 */
set_pmd_at(struct mm_struct * mm,unsigned long addr,pmd_t * pmdp,pmd_t pmd)76 void set_pmd_at(struct mm_struct *mm, unsigned long addr,
77 pmd_t *pmdp, pmd_t pmd)
78 {
79 #ifdef CONFIG_DEBUG_VM
80 /*
81 * Make sure hardware valid bit is not set. We don't do
82 * tlb flush for this update.
83 */
84
85 WARN_ON(pte_hw_valid(pmd_pte(*pmdp)) && !pte_protnone(pmd_pte(*pmdp)));
86 assert_spin_locked(pmd_lockptr(mm, pmdp));
87 WARN_ON(!(pmd_large(pmd)));
88 #endif
89 trace_hugepage_set_pmd(addr, pmd_val(pmd));
90 return set_pte_at(mm, addr, pmdp_ptep(pmdp), pmd_pte(pmd));
91 }
92
do_serialize(void * arg)93 static void do_serialize(void *arg)
94 {
95 /* We've taken the IPI, so try to trim the mask while here */
96 if (radix_enabled()) {
97 struct mm_struct *mm = arg;
98 exit_lazy_flush_tlb(mm, false);
99 }
100 }
101
102 /*
103 * Serialize against find_current_mm_pte which does lock-less
104 * lookup in page tables with local interrupts disabled. For huge pages
105 * it casts pmd_t to pte_t. Since format of pte_t is different from
106 * pmd_t we want to prevent transit from pmd pointing to page table
107 * to pmd pointing to huge page (and back) while interrupts are disabled.
108 * We clear pmd to possibly replace it with page table pointer in
109 * different code paths. So make sure we wait for the parallel
110 * find_current_mm_pte to finish.
111 */
serialize_against_pte_lookup(struct mm_struct * mm)112 void serialize_against_pte_lookup(struct mm_struct *mm)
113 {
114 smp_mb();
115 smp_call_function_many(mm_cpumask(mm), do_serialize, mm, 1);
116 }
117
118 /*
119 * We use this to invalidate a pmdp entry before switching from a
120 * hugepte to regular pmd entry.
121 */
pmdp_invalidate(struct vm_area_struct * vma,unsigned long address,pmd_t * pmdp)122 pmd_t pmdp_invalidate(struct vm_area_struct *vma, unsigned long address,
123 pmd_t *pmdp)
124 {
125 unsigned long old_pmd;
126
127 old_pmd = pmd_hugepage_update(vma->vm_mm, address, pmdp, _PAGE_PRESENT, _PAGE_INVALID);
128 flush_pmd_tlb_range(vma, address, address + HPAGE_PMD_SIZE);
129 return __pmd(old_pmd);
130 }
131
pmdp_huge_get_and_clear_full(struct vm_area_struct * vma,unsigned long addr,pmd_t * pmdp,int full)132 pmd_t pmdp_huge_get_and_clear_full(struct vm_area_struct *vma,
133 unsigned long addr, pmd_t *pmdp, int full)
134 {
135 pmd_t pmd;
136 VM_BUG_ON(addr & ~HPAGE_PMD_MASK);
137 VM_BUG_ON((pmd_present(*pmdp) && !pmd_trans_huge(*pmdp) &&
138 !pmd_devmap(*pmdp)) || !pmd_present(*pmdp));
139 pmd = pmdp_huge_get_and_clear(vma->vm_mm, addr, pmdp);
140 /*
141 * if it not a fullmm flush, then we can possibly end up converting
142 * this PMD pte entry to a regular level 0 PTE by a parallel page fault.
143 * Make sure we flush the tlb in this case.
144 */
145 if (!full)
146 flush_pmd_tlb_range(vma, addr, addr + HPAGE_PMD_SIZE);
147 return pmd;
148 }
149
pmd_set_protbits(pmd_t pmd,pgprot_t pgprot)150 static pmd_t pmd_set_protbits(pmd_t pmd, pgprot_t pgprot)
151 {
152 return __pmd(pmd_val(pmd) | pgprot_val(pgprot));
153 }
154
155 /*
156 * At some point we should be able to get rid of
157 * pmd_mkhuge() and mk_huge_pmd() when we update all the
158 * other archs to mark the pmd huge in pfn_pmd()
159 */
pfn_pmd(unsigned long pfn,pgprot_t pgprot)160 pmd_t pfn_pmd(unsigned long pfn, pgprot_t pgprot)
161 {
162 unsigned long pmdv;
163
164 pmdv = (pfn << PAGE_SHIFT) & PTE_RPN_MASK;
165
166 return __pmd_mkhuge(pmd_set_protbits(__pmd(pmdv), pgprot));
167 }
168
mk_pmd(struct page * page,pgprot_t pgprot)169 pmd_t mk_pmd(struct page *page, pgprot_t pgprot)
170 {
171 return pfn_pmd(page_to_pfn(page), pgprot);
172 }
173
pmd_modify(pmd_t pmd,pgprot_t newprot)174 pmd_t pmd_modify(pmd_t pmd, pgprot_t newprot)
175 {
176 unsigned long pmdv;
177
178 pmdv = pmd_val(pmd);
179 pmdv &= _HPAGE_CHG_MASK;
180 return pmd_set_protbits(__pmd(pmdv), newprot);
181 }
182 #endif /* CONFIG_TRANSPARENT_HUGEPAGE */
183
184 /* For use by kexec, called with MMU off */
mmu_cleanup_all(void)185 notrace void mmu_cleanup_all(void)
186 {
187 if (radix_enabled())
188 radix__mmu_cleanup_all();
189 else if (mmu_hash_ops.hpte_clear_all)
190 mmu_hash_ops.hpte_clear_all();
191
192 reset_sprs();
193 }
194
195 #ifdef CONFIG_MEMORY_HOTPLUG
create_section_mapping(unsigned long start,unsigned long end,int nid,pgprot_t prot)196 int __meminit create_section_mapping(unsigned long start, unsigned long end,
197 int nid, pgprot_t prot)
198 {
199 if (radix_enabled())
200 return radix__create_section_mapping(start, end, nid, prot);
201
202 return hash__create_section_mapping(start, end, nid, prot);
203 }
204
remove_section_mapping(unsigned long start,unsigned long end)205 int __meminit remove_section_mapping(unsigned long start, unsigned long end)
206 {
207 if (radix_enabled())
208 return radix__remove_section_mapping(start, end);
209
210 return hash__remove_section_mapping(start, end);
211 }
212 #endif /* CONFIG_MEMORY_HOTPLUG */
213
mmu_partition_table_init(void)214 void __init mmu_partition_table_init(void)
215 {
216 unsigned long patb_size = 1UL << PATB_SIZE_SHIFT;
217 unsigned long ptcr;
218
219 /* Initialize the Partition Table with no entries */
220 partition_tb = memblock_alloc(patb_size, patb_size);
221 if (!partition_tb)
222 panic("%s: Failed to allocate %lu bytes align=0x%lx\n",
223 __func__, patb_size, patb_size);
224
225 ptcr = __pa(partition_tb) | (PATB_SIZE_SHIFT - 12);
226 set_ptcr_when_no_uv(ptcr);
227 powernv_set_nmmu_ptcr(ptcr);
228 }
229
flush_partition(unsigned int lpid,bool radix)230 static void flush_partition(unsigned int lpid, bool radix)
231 {
232 if (radix) {
233 radix__flush_all_lpid(lpid);
234 radix__flush_all_lpid_guest(lpid);
235 } else {
236 asm volatile("ptesync" : : : "memory");
237 asm volatile(PPC_TLBIE_5(%0,%1,2,0,0) : :
238 "r" (TLBIEL_INVAL_SET_LPID), "r" (lpid));
239 /* do we need fixup here ?*/
240 asm volatile("eieio; tlbsync; ptesync" : : : "memory");
241 trace_tlbie(lpid, 0, TLBIEL_INVAL_SET_LPID, lpid, 2, 0, 0);
242 }
243 }
244
mmu_partition_table_set_entry(unsigned int lpid,unsigned long dw0,unsigned long dw1,bool flush)245 void mmu_partition_table_set_entry(unsigned int lpid, unsigned long dw0,
246 unsigned long dw1, bool flush)
247 {
248 unsigned long old = be64_to_cpu(partition_tb[lpid].patb0);
249
250 /*
251 * When ultravisor is enabled, the partition table is stored in secure
252 * memory and can only be accessed doing an ultravisor call. However, we
253 * maintain a copy of the partition table in normal memory to allow Nest
254 * MMU translations to occur (for normal VMs).
255 *
256 * Therefore, here we always update partition_tb, regardless of whether
257 * we are running under an ultravisor or not.
258 */
259 partition_tb[lpid].patb0 = cpu_to_be64(dw0);
260 partition_tb[lpid].patb1 = cpu_to_be64(dw1);
261
262 /*
263 * If ultravisor is enabled, we do an ultravisor call to register the
264 * partition table entry (PATE), which also do a global flush of TLBs
265 * and partition table caches for the lpid. Otherwise, just do the
266 * flush. The type of flush (hash or radix) depends on what the previous
267 * use of the partition ID was, not the new use.
268 */
269 if (firmware_has_feature(FW_FEATURE_ULTRAVISOR)) {
270 uv_register_pate(lpid, dw0, dw1);
271 pr_info("PATE registered by ultravisor: dw0 = 0x%lx, dw1 = 0x%lx\n",
272 dw0, dw1);
273 } else if (flush) {
274 /*
275 * Boot does not need to flush, because MMU is off and each
276 * CPU does a tlbiel_all() before switching them on, which
277 * flushes everything.
278 */
279 flush_partition(lpid, (old & PATB_HR));
280 }
281 }
282 EXPORT_SYMBOL_GPL(mmu_partition_table_set_entry);
283
get_pmd_from_cache(struct mm_struct * mm)284 static pmd_t *get_pmd_from_cache(struct mm_struct *mm)
285 {
286 void *pmd_frag, *ret;
287
288 if (PMD_FRAG_NR == 1)
289 return NULL;
290
291 spin_lock(&mm->page_table_lock);
292 ret = mm->context.pmd_frag;
293 if (ret) {
294 pmd_frag = ret + PMD_FRAG_SIZE;
295 /*
296 * If we have taken up all the fragments mark PTE page NULL
297 */
298 if (((unsigned long)pmd_frag & ~PAGE_MASK) == 0)
299 pmd_frag = NULL;
300 mm->context.pmd_frag = pmd_frag;
301 }
302 spin_unlock(&mm->page_table_lock);
303 return (pmd_t *)ret;
304 }
305
__alloc_for_pmdcache(struct mm_struct * mm)306 static pmd_t *__alloc_for_pmdcache(struct mm_struct *mm)
307 {
308 void *ret = NULL;
309 struct page *page;
310 gfp_t gfp = GFP_KERNEL_ACCOUNT | __GFP_ZERO;
311
312 if (mm == &init_mm)
313 gfp &= ~__GFP_ACCOUNT;
314 page = alloc_page(gfp);
315 if (!page)
316 return NULL;
317 if (!pgtable_pmd_page_ctor(page)) {
318 __free_pages(page, 0);
319 return NULL;
320 }
321
322 atomic_set(&page->pt_frag_refcount, 1);
323
324 ret = page_address(page);
325 /*
326 * if we support only one fragment just return the
327 * allocated page.
328 */
329 if (PMD_FRAG_NR == 1)
330 return ret;
331
332 spin_lock(&mm->page_table_lock);
333 /*
334 * If we find pgtable_page set, we return
335 * the allocated page with single fragment
336 * count.
337 */
338 if (likely(!mm->context.pmd_frag)) {
339 atomic_set(&page->pt_frag_refcount, PMD_FRAG_NR);
340 mm->context.pmd_frag = ret + PMD_FRAG_SIZE;
341 }
342 spin_unlock(&mm->page_table_lock);
343
344 return (pmd_t *)ret;
345 }
346
pmd_fragment_alloc(struct mm_struct * mm,unsigned long vmaddr)347 pmd_t *pmd_fragment_alloc(struct mm_struct *mm, unsigned long vmaddr)
348 {
349 pmd_t *pmd;
350
351 pmd = get_pmd_from_cache(mm);
352 if (pmd)
353 return pmd;
354
355 return __alloc_for_pmdcache(mm);
356 }
357
pmd_fragment_free(unsigned long * pmd)358 void pmd_fragment_free(unsigned long *pmd)
359 {
360 struct page *page = virt_to_page(pmd);
361
362 if (PageReserved(page))
363 return free_reserved_page(page);
364
365 BUG_ON(atomic_read(&page->pt_frag_refcount) <= 0);
366 if (atomic_dec_and_test(&page->pt_frag_refcount)) {
367 pgtable_pmd_page_dtor(page);
368 __free_page(page);
369 }
370 }
371
pgtable_free(void * table,int index)372 static inline void pgtable_free(void *table, int index)
373 {
374 switch (index) {
375 case PTE_INDEX:
376 pte_fragment_free(table, 0);
377 break;
378 case PMD_INDEX:
379 pmd_fragment_free(table);
380 break;
381 case PUD_INDEX:
382 __pud_free(table);
383 break;
384 #if defined(CONFIG_PPC_4K_PAGES) && defined(CONFIG_HUGETLB_PAGE)
385 /* 16M hugepd directory at pud level */
386 case HTLB_16M_INDEX:
387 BUILD_BUG_ON(H_16M_CACHE_INDEX <= 0);
388 kmem_cache_free(PGT_CACHE(H_16M_CACHE_INDEX), table);
389 break;
390 /* 16G hugepd directory at the pgd level */
391 case HTLB_16G_INDEX:
392 BUILD_BUG_ON(H_16G_CACHE_INDEX <= 0);
393 kmem_cache_free(PGT_CACHE(H_16G_CACHE_INDEX), table);
394 break;
395 #endif
396 /* We don't free pgd table via RCU callback */
397 default:
398 BUG();
399 }
400 }
401
pgtable_free_tlb(struct mmu_gather * tlb,void * table,int index)402 void pgtable_free_tlb(struct mmu_gather *tlb, void *table, int index)
403 {
404 unsigned long pgf = (unsigned long)table;
405
406 BUG_ON(index > MAX_PGTABLE_INDEX_SIZE);
407 pgf |= index;
408 tlb_remove_table(tlb, (void *)pgf);
409 }
410
__tlb_remove_table(void * _table)411 void __tlb_remove_table(void *_table)
412 {
413 void *table = (void *)((unsigned long)_table & ~MAX_PGTABLE_INDEX_SIZE);
414 unsigned int index = (unsigned long)_table & MAX_PGTABLE_INDEX_SIZE;
415
416 return pgtable_free(table, index);
417 }
418
419 #ifdef CONFIG_PROC_FS
420 atomic_long_t direct_pages_count[MMU_PAGE_COUNT];
421
arch_report_meminfo(struct seq_file * m)422 void arch_report_meminfo(struct seq_file *m)
423 {
424 /*
425 * Hash maps the memory with one size mmu_linear_psize.
426 * So don't bother to print these on hash
427 */
428 if (!radix_enabled())
429 return;
430 seq_printf(m, "DirectMap4k: %8lu kB\n",
431 atomic_long_read(&direct_pages_count[MMU_PAGE_4K]) << 2);
432 seq_printf(m, "DirectMap64k: %8lu kB\n",
433 atomic_long_read(&direct_pages_count[MMU_PAGE_64K]) << 6);
434 seq_printf(m, "DirectMap2M: %8lu kB\n",
435 atomic_long_read(&direct_pages_count[MMU_PAGE_2M]) << 11);
436 seq_printf(m, "DirectMap1G: %8lu kB\n",
437 atomic_long_read(&direct_pages_count[MMU_PAGE_1G]) << 20);
438 }
439 #endif /* CONFIG_PROC_FS */
440
ptep_modify_prot_start(struct vm_area_struct * vma,unsigned long addr,pte_t * ptep)441 pte_t ptep_modify_prot_start(struct vm_area_struct *vma, unsigned long addr,
442 pte_t *ptep)
443 {
444 unsigned long pte_val;
445
446 /*
447 * Clear the _PAGE_PRESENT so that no hardware parallel update is
448 * possible. Also keep the pte_present true so that we don't take
449 * wrong fault.
450 */
451 pte_val = pte_update(vma->vm_mm, addr, ptep, _PAGE_PRESENT, _PAGE_INVALID, 0);
452
453 return __pte(pte_val);
454
455 }
456
ptep_modify_prot_commit(struct vm_area_struct * vma,unsigned long addr,pte_t * ptep,pte_t old_pte,pte_t pte)457 void ptep_modify_prot_commit(struct vm_area_struct *vma, unsigned long addr,
458 pte_t *ptep, pte_t old_pte, pte_t pte)
459 {
460 if (radix_enabled())
461 return radix__ptep_modify_prot_commit(vma, addr,
462 ptep, old_pte, pte);
463 set_pte_at(vma->vm_mm, addr, ptep, pte);
464 }
465
466 /*
467 * For hash translation mode, we use the deposited table to store hash slot
468 * information and they are stored at PTRS_PER_PMD offset from related pmd
469 * location. Hence a pmd move requires deposit and withdraw.
470 *
471 * For radix translation with split pmd ptl, we store the deposited table in the
472 * pmd page. Hence if we have different pmd page we need to withdraw during pmd
473 * move.
474 *
475 * With hash we use deposited table always irrespective of anon or not.
476 * With radix we use deposited table only for anonymous mapping.
477 */
pmd_move_must_withdraw(struct spinlock * new_pmd_ptl,struct spinlock * old_pmd_ptl,struct vm_area_struct * vma)478 int pmd_move_must_withdraw(struct spinlock *new_pmd_ptl,
479 struct spinlock *old_pmd_ptl,
480 struct vm_area_struct *vma)
481 {
482 if (radix_enabled())
483 return (new_pmd_ptl != old_pmd_ptl) && vma_is_anonymous(vma);
484
485 return true;
486 }
487
488 /*
489 * Does the CPU support tlbie?
490 */
491 bool tlbie_capable __read_mostly = true;
492 EXPORT_SYMBOL(tlbie_capable);
493
494 /*
495 * Should tlbie be used for management of CPU TLBs, for kernel and process
496 * address spaces? tlbie may still be used for nMMU accelerators, and for KVM
497 * guest address spaces.
498 */
499 bool tlbie_enabled __read_mostly = true;
500
setup_disable_tlbie(char * str)501 static int __init setup_disable_tlbie(char *str)
502 {
503 if (!radix_enabled()) {
504 pr_err("disable_tlbie: Unable to disable TLBIE with Hash MMU.\n");
505 return 1;
506 }
507
508 tlbie_capable = false;
509 tlbie_enabled = false;
510
511 return 1;
512 }
513 __setup("disable_tlbie", setup_disable_tlbie);
514
pgtable_debugfs_setup(void)515 static int __init pgtable_debugfs_setup(void)
516 {
517 if (!tlbie_capable)
518 return 0;
519
520 /*
521 * There is no locking vs tlb flushing when changing this value.
522 * The tlb flushers will see one value or another, and use either
523 * tlbie or tlbiel with IPIs. In both cases the TLBs will be
524 * invalidated as expected.
525 */
526 debugfs_create_bool("tlbie_enabled", 0600,
527 arch_debugfs_dir,
528 &tlbie_enabled);
529
530 return 0;
531 }
532 arch_initcall(pgtable_debugfs_setup);
533
534 #if defined(CONFIG_ZONE_DEVICE) && defined(CONFIG_ARCH_HAS_MEMREMAP_COMPAT_ALIGN)
535 /*
536 * Override the generic version in mm/memremap.c.
537 *
538 * With hash translation, the direct-map range is mapped with just one
539 * page size selected by htab_init_page_sizes(). Consult
540 * mmu_psize_defs[] to determine the minimum page size alignment.
541 */
memremap_compat_align(void)542 unsigned long memremap_compat_align(void)
543 {
544 if (!radix_enabled()) {
545 unsigned int shift = mmu_psize_defs[mmu_linear_psize].shift;
546 return max(SUBSECTION_SIZE, 1UL << shift);
547 }
548
549 return SUBSECTION_SIZE;
550 }
551 EXPORT_SYMBOL_GPL(memremap_compat_align);
552 #endif
553
vm_get_page_prot(unsigned long vm_flags)554 pgprot_t vm_get_page_prot(unsigned long vm_flags)
555 {
556 unsigned long prot;
557
558 /* Radix supports execute-only, but protection_map maps X -> RX */
559 if (radix_enabled() && ((vm_flags & VM_ACCESS_FLAGS) == VM_EXEC)) {
560 prot = pgprot_val(PAGE_EXECONLY);
561 } else {
562 prot = pgprot_val(protection_map[vm_flags &
563 (VM_ACCESS_FLAGS | VM_SHARED)]);
564 }
565
566 if (vm_flags & VM_SAO)
567 prot |= _PAGE_SAO;
568
569 #ifdef CONFIG_PPC_MEM_KEYS
570 prot |= vmflag_to_pte_pkey_bits(vm_flags);
571 #endif
572
573 return __pgprot(prot);
574 }
575 EXPORT_SYMBOL(vm_get_page_prot);
576