1 /* arch/sparc64/mm/tsb.c
2 *
3 * Copyright (C) 2006, 2008 David S. Miller <davem@davemloft.net>
4 */
5
6 #include <linux/kernel.h>
7 #include <linux/preempt.h>
8 #include <linux/slab.h>
9 #include <asm/page.h>
10 #include <asm/pgtable.h>
11 #include <asm/mmu_context.h>
12 #include <asm/tsb.h>
13 #include <asm/tlb.h>
14 #include <asm/oplib.h>
15
16 extern struct tsb swapper_tsb[KERNEL_TSB_NENTRIES];
17
tsb_hash(unsigned long vaddr,unsigned long hash_shift,unsigned long nentries)18 static inline unsigned long tsb_hash(unsigned long vaddr, unsigned long hash_shift, unsigned long nentries)
19 {
20 vaddr >>= hash_shift;
21 return vaddr & (nentries - 1);
22 }
23
tag_compare(unsigned long tag,unsigned long vaddr)24 static inline int tag_compare(unsigned long tag, unsigned long vaddr)
25 {
26 return (tag == (vaddr >> 22));
27 }
28
29 /* TSB flushes need only occur on the processor initiating the address
30 * space modification, not on each cpu the address space has run on.
31 * Only the TLB flush needs that treatment.
32 */
33
flush_tsb_kernel_range(unsigned long start,unsigned long end)34 void flush_tsb_kernel_range(unsigned long start, unsigned long end)
35 {
36 unsigned long v;
37
38 for (v = start; v < end; v += PAGE_SIZE) {
39 unsigned long hash = tsb_hash(v, PAGE_SHIFT,
40 KERNEL_TSB_NENTRIES);
41 struct tsb *ent = &swapper_tsb[hash];
42
43 if (tag_compare(ent->tag, v))
44 ent->tag = (1UL << TSB_TAG_INVALID_BIT);
45 }
46 }
47
__flush_tsb_one_entry(unsigned long tsb,unsigned long v,unsigned long hash_shift,unsigned long nentries)48 static void __flush_tsb_one_entry(unsigned long tsb, unsigned long v,
49 unsigned long hash_shift,
50 unsigned long nentries)
51 {
52 unsigned long tag, ent, hash;
53
54 v &= ~0x1UL;
55 hash = tsb_hash(v, hash_shift, nentries);
56 ent = tsb + (hash * sizeof(struct tsb));
57 tag = (v >> 22UL);
58
59 tsb_flush(ent, tag);
60 }
61
__flush_tsb_one(struct tlb_batch * tb,unsigned long hash_shift,unsigned long tsb,unsigned long nentries)62 static void __flush_tsb_one(struct tlb_batch *tb, unsigned long hash_shift,
63 unsigned long tsb, unsigned long nentries)
64 {
65 unsigned long i;
66
67 for (i = 0; i < tb->tlb_nr; i++)
68 __flush_tsb_one_entry(tsb, tb->vaddrs[i], hash_shift, nentries);
69 }
70
flush_tsb_user(struct tlb_batch * tb)71 void flush_tsb_user(struct tlb_batch *tb)
72 {
73 struct mm_struct *mm = tb->mm;
74 unsigned long nentries, base, flags;
75
76 spin_lock_irqsave(&mm->context.lock, flags);
77
78 base = (unsigned long) mm->context.tsb_block[MM_TSB_BASE].tsb;
79 nentries = mm->context.tsb_block[MM_TSB_BASE].tsb_nentries;
80 if (tlb_type == cheetah_plus || tlb_type == hypervisor)
81 base = __pa(base);
82 __flush_tsb_one(tb, PAGE_SHIFT, base, nentries);
83
84 #ifdef CONFIG_HUGETLB_PAGE
85 if (mm->context.tsb_block[MM_TSB_HUGE].tsb) {
86 base = (unsigned long) mm->context.tsb_block[MM_TSB_HUGE].tsb;
87 nentries = mm->context.tsb_block[MM_TSB_HUGE].tsb_nentries;
88 if (tlb_type == cheetah_plus || tlb_type == hypervisor)
89 base = __pa(base);
90 __flush_tsb_one(tb, HPAGE_SHIFT, base, nentries);
91 }
92 #endif
93 spin_unlock_irqrestore(&mm->context.lock, flags);
94 }
95
flush_tsb_user_page(struct mm_struct * mm,unsigned long vaddr)96 void flush_tsb_user_page(struct mm_struct *mm, unsigned long vaddr)
97 {
98 unsigned long nentries, base, flags;
99
100 spin_lock_irqsave(&mm->context.lock, flags);
101
102 base = (unsigned long) mm->context.tsb_block[MM_TSB_BASE].tsb;
103 nentries = mm->context.tsb_block[MM_TSB_BASE].tsb_nentries;
104 if (tlb_type == cheetah_plus || tlb_type == hypervisor)
105 base = __pa(base);
106 __flush_tsb_one_entry(base, vaddr, PAGE_SHIFT, nentries);
107
108 #if defined(CONFIG_HUGETLB_PAGE) || defined(CONFIG_TRANSPARENT_HUGEPAGE)
109 if (mm->context.tsb_block[MM_TSB_HUGE].tsb) {
110 base = (unsigned long) mm->context.tsb_block[MM_TSB_HUGE].tsb;
111 nentries = mm->context.tsb_block[MM_TSB_HUGE].tsb_nentries;
112 if (tlb_type == cheetah_plus || tlb_type == hypervisor)
113 base = __pa(base);
114 __flush_tsb_one_entry(base, vaddr, HPAGE_SHIFT, nentries);
115 }
116 #endif
117 spin_unlock_irqrestore(&mm->context.lock, flags);
118 }
119
120 #if defined(CONFIG_SPARC64_PAGE_SIZE_8KB)
121 #define HV_PGSZ_IDX_BASE HV_PGSZ_IDX_8K
122 #define HV_PGSZ_MASK_BASE HV_PGSZ_MASK_8K
123 #elif defined(CONFIG_SPARC64_PAGE_SIZE_64KB)
124 #define HV_PGSZ_IDX_BASE HV_PGSZ_IDX_64K
125 #define HV_PGSZ_MASK_BASE HV_PGSZ_MASK_64K
126 #else
127 #error Broken base page size setting...
128 #endif
129
130 #ifdef CONFIG_HUGETLB_PAGE
131 #if defined(CONFIG_HUGETLB_PAGE_SIZE_64K)
132 #define HV_PGSZ_IDX_HUGE HV_PGSZ_IDX_64K
133 #define HV_PGSZ_MASK_HUGE HV_PGSZ_MASK_64K
134 #elif defined(CONFIG_HUGETLB_PAGE_SIZE_512K)
135 #define HV_PGSZ_IDX_HUGE HV_PGSZ_IDX_512K
136 #define HV_PGSZ_MASK_HUGE HV_PGSZ_MASK_512K
137 #elif defined(CONFIG_HUGETLB_PAGE_SIZE_4MB)
138 #define HV_PGSZ_IDX_HUGE HV_PGSZ_IDX_4MB
139 #define HV_PGSZ_MASK_HUGE HV_PGSZ_MASK_4MB
140 #else
141 #error Broken huge page size setting...
142 #endif
143 #endif
144
setup_tsb_params(struct mm_struct * mm,unsigned long tsb_idx,unsigned long tsb_bytes)145 static void setup_tsb_params(struct mm_struct *mm, unsigned long tsb_idx, unsigned long tsb_bytes)
146 {
147 unsigned long tsb_reg, base, tsb_paddr;
148 unsigned long page_sz, tte;
149
150 mm->context.tsb_block[tsb_idx].tsb_nentries =
151 tsb_bytes / sizeof(struct tsb);
152
153 base = TSBMAP_BASE;
154 tte = pgprot_val(PAGE_KERNEL_LOCKED);
155 tsb_paddr = __pa(mm->context.tsb_block[tsb_idx].tsb);
156 BUG_ON(tsb_paddr & (tsb_bytes - 1UL));
157
158 /* Use the smallest page size that can map the whole TSB
159 * in one TLB entry.
160 */
161 switch (tsb_bytes) {
162 case 8192 << 0:
163 tsb_reg = 0x0UL;
164 #ifdef DCACHE_ALIASING_POSSIBLE
165 base += (tsb_paddr & 8192);
166 #endif
167 page_sz = 8192;
168 break;
169
170 case 8192 << 1:
171 tsb_reg = 0x1UL;
172 page_sz = 64 * 1024;
173 break;
174
175 case 8192 << 2:
176 tsb_reg = 0x2UL;
177 page_sz = 64 * 1024;
178 break;
179
180 case 8192 << 3:
181 tsb_reg = 0x3UL;
182 page_sz = 64 * 1024;
183 break;
184
185 case 8192 << 4:
186 tsb_reg = 0x4UL;
187 page_sz = 512 * 1024;
188 break;
189
190 case 8192 << 5:
191 tsb_reg = 0x5UL;
192 page_sz = 512 * 1024;
193 break;
194
195 case 8192 << 6:
196 tsb_reg = 0x6UL;
197 page_sz = 512 * 1024;
198 break;
199
200 case 8192 << 7:
201 tsb_reg = 0x7UL;
202 page_sz = 4 * 1024 * 1024;
203 break;
204
205 default:
206 printk(KERN_ERR "TSB[%s:%d]: Impossible TSB size %lu, killing process.\n",
207 current->comm, current->pid, tsb_bytes);
208 do_exit(SIGSEGV);
209 }
210 tte |= pte_sz_bits(page_sz);
211
212 if (tlb_type == cheetah_plus || tlb_type == hypervisor) {
213 /* Physical mapping, no locked TLB entry for TSB. */
214 tsb_reg |= tsb_paddr;
215
216 mm->context.tsb_block[tsb_idx].tsb_reg_val = tsb_reg;
217 mm->context.tsb_block[tsb_idx].tsb_map_vaddr = 0;
218 mm->context.tsb_block[tsb_idx].tsb_map_pte = 0;
219 } else {
220 tsb_reg |= base;
221 tsb_reg |= (tsb_paddr & (page_sz - 1UL));
222 tte |= (tsb_paddr & ~(page_sz - 1UL));
223
224 mm->context.tsb_block[tsb_idx].tsb_reg_val = tsb_reg;
225 mm->context.tsb_block[tsb_idx].tsb_map_vaddr = base;
226 mm->context.tsb_block[tsb_idx].tsb_map_pte = tte;
227 }
228
229 /* Setup the Hypervisor TSB descriptor. */
230 if (tlb_type == hypervisor) {
231 struct hv_tsb_descr *hp = &mm->context.tsb_descr[tsb_idx];
232
233 switch (tsb_idx) {
234 case MM_TSB_BASE:
235 hp->pgsz_idx = HV_PGSZ_IDX_BASE;
236 break;
237 #ifdef CONFIG_HUGETLB_PAGE
238 case MM_TSB_HUGE:
239 hp->pgsz_idx = HV_PGSZ_IDX_HUGE;
240 break;
241 #endif
242 default:
243 BUG();
244 }
245 hp->assoc = 1;
246 hp->num_ttes = tsb_bytes / 16;
247 hp->ctx_idx = 0;
248 switch (tsb_idx) {
249 case MM_TSB_BASE:
250 hp->pgsz_mask = HV_PGSZ_MASK_BASE;
251 break;
252 #ifdef CONFIG_HUGETLB_PAGE
253 case MM_TSB_HUGE:
254 hp->pgsz_mask = HV_PGSZ_MASK_HUGE;
255 break;
256 #endif
257 default:
258 BUG();
259 }
260 hp->tsb_base = tsb_paddr;
261 hp->resv = 0;
262 }
263 }
264
265 struct kmem_cache *pgtable_cache __read_mostly;
266
267 static struct kmem_cache *tsb_caches[8] __read_mostly;
268
269 static const char *tsb_cache_names[8] = {
270 "tsb_8KB",
271 "tsb_16KB",
272 "tsb_32KB",
273 "tsb_64KB",
274 "tsb_128KB",
275 "tsb_256KB",
276 "tsb_512KB",
277 "tsb_1MB",
278 };
279
pgtable_cache_init(void)280 void __init pgtable_cache_init(void)
281 {
282 unsigned long i;
283
284 pgtable_cache = kmem_cache_create("pgtable_cache",
285 PAGE_SIZE, PAGE_SIZE,
286 0,
287 _clear_page);
288 if (!pgtable_cache) {
289 prom_printf("pgtable_cache_init(): Could not create!\n");
290 prom_halt();
291 }
292
293 for (i = 0; i < 8; i++) {
294 unsigned long size = 8192 << i;
295 const char *name = tsb_cache_names[i];
296
297 tsb_caches[i] = kmem_cache_create(name,
298 size, size,
299 0, NULL);
300 if (!tsb_caches[i]) {
301 prom_printf("Could not create %s cache\n", name);
302 prom_halt();
303 }
304 }
305 }
306
307 int sysctl_tsb_ratio = -2;
308
tsb_size_to_rss_limit(unsigned long new_size)309 static unsigned long tsb_size_to_rss_limit(unsigned long new_size)
310 {
311 unsigned long num_ents = (new_size / sizeof(struct tsb));
312
313 if (sysctl_tsb_ratio < 0)
314 return num_ents - (num_ents >> -sysctl_tsb_ratio);
315 else
316 return num_ents + (num_ents >> sysctl_tsb_ratio);
317 }
318
319 /* When the RSS of an address space exceeds tsb_rss_limit for a TSB,
320 * do_sparc64_fault() invokes this routine to try and grow it.
321 *
322 * When we reach the maximum TSB size supported, we stick ~0UL into
323 * tsb_rss_limit for that TSB so the grow checks in do_sparc64_fault()
324 * will not trigger any longer.
325 *
326 * The TSB can be anywhere from 8K to 1MB in size, in increasing powers
327 * of two. The TSB must be aligned to it's size, so f.e. a 512K TSB
328 * must be 512K aligned. It also must be physically contiguous, so we
329 * cannot use vmalloc().
330 *
331 * The idea here is to grow the TSB when the RSS of the process approaches
332 * the number of entries that the current TSB can hold at once. Currently,
333 * we trigger when the RSS hits 3/4 of the TSB capacity.
334 */
tsb_grow(struct mm_struct * mm,unsigned long tsb_index,unsigned long rss)335 void tsb_grow(struct mm_struct *mm, unsigned long tsb_index, unsigned long rss)
336 {
337 unsigned long max_tsb_size = 1 * 1024 * 1024;
338 unsigned long new_size, old_size, flags;
339 struct tsb *old_tsb, *new_tsb;
340 unsigned long new_cache_index, old_cache_index;
341 unsigned long new_rss_limit;
342 gfp_t gfp_flags;
343
344 if (max_tsb_size > (PAGE_SIZE << MAX_ORDER))
345 max_tsb_size = (PAGE_SIZE << MAX_ORDER);
346
347 new_cache_index = 0;
348 for (new_size = 8192; new_size < max_tsb_size; new_size <<= 1UL) {
349 new_rss_limit = tsb_size_to_rss_limit(new_size);
350 if (new_rss_limit > rss)
351 break;
352 new_cache_index++;
353 }
354
355 if (new_size == max_tsb_size)
356 new_rss_limit = ~0UL;
357
358 retry_tsb_alloc:
359 gfp_flags = GFP_KERNEL;
360 if (new_size > (PAGE_SIZE * 2))
361 gfp_flags = __GFP_NOWARN | __GFP_NORETRY;
362
363 new_tsb = kmem_cache_alloc_node(tsb_caches[new_cache_index],
364 gfp_flags, numa_node_id());
365 if (unlikely(!new_tsb)) {
366 /* Not being able to fork due to a high-order TSB
367 * allocation failure is very bad behavior. Just back
368 * down to a 0-order allocation and force no TSB
369 * growing for this address space.
370 */
371 if (mm->context.tsb_block[tsb_index].tsb == NULL &&
372 new_cache_index > 0) {
373 new_cache_index = 0;
374 new_size = 8192;
375 new_rss_limit = ~0UL;
376 goto retry_tsb_alloc;
377 }
378
379 /* If we failed on a TSB grow, we are under serious
380 * memory pressure so don't try to grow any more.
381 */
382 if (mm->context.tsb_block[tsb_index].tsb != NULL)
383 mm->context.tsb_block[tsb_index].tsb_rss_limit = ~0UL;
384 return;
385 }
386
387 /* Mark all tags as invalid. */
388 tsb_init(new_tsb, new_size);
389
390 /* Ok, we are about to commit the changes. If we are
391 * growing an existing TSB the locking is very tricky,
392 * so WATCH OUT!
393 *
394 * We have to hold mm->context.lock while committing to the
395 * new TSB, this synchronizes us with processors in
396 * flush_tsb_user() and switch_mm() for this address space.
397 *
398 * But even with that lock held, processors run asynchronously
399 * accessing the old TSB via TLB miss handling. This is OK
400 * because those actions are just propagating state from the
401 * Linux page tables into the TSB, page table mappings are not
402 * being changed. If a real fault occurs, the processor will
403 * synchronize with us when it hits flush_tsb_user(), this is
404 * also true for the case where vmscan is modifying the page
405 * tables. The only thing we need to be careful with is to
406 * skip any locked TSB entries during copy_tsb().
407 *
408 * When we finish committing to the new TSB, we have to drop
409 * the lock and ask all other cpus running this address space
410 * to run tsb_context_switch() to see the new TSB table.
411 */
412 spin_lock_irqsave(&mm->context.lock, flags);
413
414 old_tsb = mm->context.tsb_block[tsb_index].tsb;
415 old_cache_index =
416 (mm->context.tsb_block[tsb_index].tsb_reg_val & 0x7UL);
417 old_size = (mm->context.tsb_block[tsb_index].tsb_nentries *
418 sizeof(struct tsb));
419
420
421 /* Handle multiple threads trying to grow the TSB at the same time.
422 * One will get in here first, and bump the size and the RSS limit.
423 * The others will get in here next and hit this check.
424 */
425 if (unlikely(old_tsb &&
426 (rss < mm->context.tsb_block[tsb_index].tsb_rss_limit))) {
427 spin_unlock_irqrestore(&mm->context.lock, flags);
428
429 kmem_cache_free(tsb_caches[new_cache_index], new_tsb);
430 return;
431 }
432
433 mm->context.tsb_block[tsb_index].tsb_rss_limit = new_rss_limit;
434
435 if (old_tsb) {
436 extern void copy_tsb(unsigned long old_tsb_base,
437 unsigned long old_tsb_size,
438 unsigned long new_tsb_base,
439 unsigned long new_tsb_size);
440 unsigned long old_tsb_base = (unsigned long) old_tsb;
441 unsigned long new_tsb_base = (unsigned long) new_tsb;
442
443 if (tlb_type == cheetah_plus || tlb_type == hypervisor) {
444 old_tsb_base = __pa(old_tsb_base);
445 new_tsb_base = __pa(new_tsb_base);
446 }
447 copy_tsb(old_tsb_base, old_size, new_tsb_base, new_size);
448 }
449
450 mm->context.tsb_block[tsb_index].tsb = new_tsb;
451 setup_tsb_params(mm, tsb_index, new_size);
452
453 spin_unlock_irqrestore(&mm->context.lock, flags);
454
455 /* If old_tsb is NULL, we're being invoked for the first time
456 * from init_new_context().
457 */
458 if (old_tsb) {
459 /* Reload it on the local cpu. */
460 tsb_context_switch(mm);
461
462 /* Now force other processors to do the same. */
463 preempt_disable();
464 smp_tsb_sync(mm);
465 preempt_enable();
466
467 /* Now it is safe to free the old tsb. */
468 kmem_cache_free(tsb_caches[old_cache_index], old_tsb);
469 }
470 }
471
init_new_context(struct task_struct * tsk,struct mm_struct * mm)472 int init_new_context(struct task_struct *tsk, struct mm_struct *mm)
473 {
474 #ifdef CONFIG_HUGETLB_PAGE
475 unsigned long huge_pte_count;
476 #endif
477 unsigned int i;
478
479 spin_lock_init(&mm->context.lock);
480
481 mm->context.sparc64_ctx_val = 0UL;
482
483 #ifdef CONFIG_HUGETLB_PAGE
484 /* We reset it to zero because the fork() page copying
485 * will re-increment the counters as the parent PTEs are
486 * copied into the child address space.
487 */
488 huge_pte_count = mm->context.huge_pte_count;
489 mm->context.huge_pte_count = 0;
490 #endif
491
492 /* copy_mm() copies over the parent's mm_struct before calling
493 * us, so we need to zero out the TSB pointer or else tsb_grow()
494 * will be confused and think there is an older TSB to free up.
495 */
496 for (i = 0; i < MM_NUM_TSBS; i++)
497 mm->context.tsb_block[i].tsb = NULL;
498
499 /* If this is fork, inherit the parent's TSB size. We would
500 * grow it to that size on the first page fault anyways.
501 */
502 tsb_grow(mm, MM_TSB_BASE, get_mm_rss(mm));
503
504 #ifdef CONFIG_HUGETLB_PAGE
505 if (unlikely(huge_pte_count))
506 tsb_grow(mm, MM_TSB_HUGE, huge_pte_count);
507 #endif
508
509 if (unlikely(!mm->context.tsb_block[MM_TSB_BASE].tsb))
510 return -ENOMEM;
511
512 return 0;
513 }
514
tsb_destroy_one(struct tsb_config * tp)515 static void tsb_destroy_one(struct tsb_config *tp)
516 {
517 unsigned long cache_index;
518
519 if (!tp->tsb)
520 return;
521 cache_index = tp->tsb_reg_val & 0x7UL;
522 kmem_cache_free(tsb_caches[cache_index], tp->tsb);
523 tp->tsb = NULL;
524 tp->tsb_reg_val = 0UL;
525 }
526
destroy_context(struct mm_struct * mm)527 void destroy_context(struct mm_struct *mm)
528 {
529 unsigned long flags, i;
530
531 for (i = 0; i < MM_NUM_TSBS; i++)
532 tsb_destroy_one(&mm->context.tsb_block[i]);
533
534 spin_lock_irqsave(&ctx_alloc_lock, flags);
535
536 if (CTX_VALID(mm->context)) {
537 unsigned long nr = CTX_NRBITS(mm->context);
538 mmu_context_bmap[nr>>6] &= ~(1UL << (nr & 63));
539 }
540
541 spin_unlock_irqrestore(&ctx_alloc_lock, flags);
542 }
543