1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 * Copyright 2019 Joyent, Inc. 26 */ 27 28 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */ 29 /* All Rights Reserved */ 30 31 /* 32 * University Copyright- Copyright (c) 1982, 1986, 1988 33 * The Regents of the University of California 34 * All Rights Reserved 35 * 36 * University Acknowledgment- Portions of this document are derived from 37 * software developed by the University of California, Berkeley, and its 38 * contributors. 39 */ 40 41 /* 42 * VM - segment of a mapped device. 43 * 44 * This segment driver is used when mapping character special devices. 45 */ 46 47 #include <sys/types.h> 48 #include <sys/t_lock.h> 49 #include <sys/sysmacros.h> 50 #include <sys/vtrace.h> 51 #include <sys/systm.h> 52 #include <sys/vmsystm.h> 53 #include <sys/mman.h> 54 #include <sys/errno.h> 55 #include <sys/kmem.h> 56 #include <sys/cmn_err.h> 57 #include <sys/vnode.h> 58 #include <sys/proc.h> 59 #include <sys/conf.h> 60 #include <sys/debug.h> 61 #include <sys/ddidevmap.h> 62 #include <sys/ddi_implfuncs.h> 63 #include <sys/lgrp.h> 64 65 #include <vm/page.h> 66 #include <vm/hat.h> 67 #include <vm/as.h> 68 #include <vm/seg.h> 69 #include <vm/seg_dev.h> 70 #include <vm/seg_kp.h> 71 #include <vm/seg_kmem.h> 72 #include <vm/vpage.h> 73 74 #include <sys/sunddi.h> 75 #include <sys/esunddi.h> 76 #include <sys/fs/snode.h> 77 78 79 #if DEBUG 80 int segdev_debug; 81 #define DEBUGF(level, args) { if (segdev_debug >= (level)) cmn_err args; } 82 #else 83 #define DEBUGF(level, args) 84 #endif 85 86 /* Default timeout for devmap context management */ 87 #define CTX_TIMEOUT_VALUE 0 88 89 #define HOLD_DHP_LOCK(dhp) if (dhp->dh_flags & DEVMAP_ALLOW_REMAP) \ 90 { mutex_enter(&dhp->dh_lock); } 91 92 #define RELE_DHP_LOCK(dhp) if (dhp->dh_flags & DEVMAP_ALLOW_REMAP) \ 93 { mutex_exit(&dhp->dh_lock); } 94 95 #define round_down_p2(a, s) ((a) & ~((s) - 1)) 96 #define round_up_p2(a, s) (((a) + (s) - 1) & ~((s) - 1)) 97 98 /* 99 * VA_PA_ALIGNED checks to see if both VA and PA are on pgsize boundary 100 * VA_PA_PGSIZE_ALIGNED check to see if VA is aligned with PA w.r.t. pgsize 101 */ 102 #define VA_PA_ALIGNED(uvaddr, paddr, pgsize) \ 103 (((uvaddr | paddr) & (pgsize - 1)) == 0) 104 #define VA_PA_PGSIZE_ALIGNED(uvaddr, paddr, pgsize) \ 105 (((uvaddr ^ paddr) & (pgsize - 1)) == 0) 106 107 #define vpgtob(n) ((n) * sizeof (struct vpage)) /* For brevity */ 108 109 #define VTOCVP(vp) (VTOS(vp)->s_commonvp) /* we "know" it's an snode */ 110 111 static struct devmap_ctx *devmapctx_list = NULL; 112 static struct devmap_softlock *devmap_slist = NULL; 113 114 /* 115 * mutex, vnode and page for the page of zeros we use for the trash mappings. 116 * One trash page is allocated on the first ddi_umem_setup call that uses it 117 * XXX Eventually, we may want to combine this with what segnf does when all 118 * hat layers implement HAT_NOFAULT. 119 * 120 * The trash page is used when the backing store for a userland mapping is 121 * removed but the application semantics do not take kindly to a SIGBUS. 122 * In that scenario, the applications pages are mapped to some dummy page 123 * which returns garbage on read and writes go into a common place. 124 * (Perfect for NO_FAULT semantics) 125 * The device driver is responsible to communicating to the app with some 126 * other mechanism that such remapping has happened and the app should take 127 * corrective action. 128 * We can also use an anonymous memory page as there is no requirement to 129 * keep the page locked, however this complicates the fault code. RFE. 130 */ 131 static struct vnode trashvp; 132 static struct page *trashpp; 133 134 /* Non-pageable kernel memory is allocated from the umem_np_arena. */ 135 static vmem_t *umem_np_arena; 136 137 /* Set the cookie to a value we know will never be a valid umem_cookie */ 138 #define DEVMAP_DEVMEM_COOKIE ((ddi_umem_cookie_t)0x1) 139 140 /* 141 * Macros to check if type of devmap handle 142 */ 143 #define cookie_is_devmem(c) \ 144 ((c) == (struct ddi_umem_cookie *)DEVMAP_DEVMEM_COOKIE) 145 146 #define cookie_is_pmem(c) \ 147 ((c) == (struct ddi_umem_cookie *)DEVMAP_PMEM_COOKIE) 148 149 #define cookie_is_kpmem(c) (!cookie_is_devmem(c) && !cookie_is_pmem(c) &&\ 150 ((c)->type == KMEM_PAGEABLE)) 151 152 #define dhp_is_devmem(dhp) \ 153 (cookie_is_devmem((struct ddi_umem_cookie *)((dhp)->dh_cookie))) 154 155 #define dhp_is_pmem(dhp) \ 156 (cookie_is_pmem((struct ddi_umem_cookie *)((dhp)->dh_cookie))) 157 158 #define dhp_is_kpmem(dhp) \ 159 (cookie_is_kpmem((struct ddi_umem_cookie *)((dhp)->dh_cookie))) 160 161 /* 162 * Private seg op routines. 163 */ 164 static int segdev_dup(struct seg *, struct seg *); 165 static int segdev_unmap(struct seg *, caddr_t, size_t); 166 static void segdev_free(struct seg *); 167 static faultcode_t segdev_fault(struct hat *, struct seg *, caddr_t, size_t, 168 enum fault_type, enum seg_rw); 169 static faultcode_t segdev_faulta(struct seg *, caddr_t); 170 static int segdev_setprot(struct seg *, caddr_t, size_t, uint_t); 171 static int segdev_checkprot(struct seg *, caddr_t, size_t, uint_t); 172 static void segdev_badop(void); 173 static int segdev_sync(struct seg *, caddr_t, size_t, int, uint_t); 174 static size_t segdev_incore(struct seg *, caddr_t, size_t, char *); 175 static int segdev_lockop(struct seg *, caddr_t, size_t, int, int, 176 ulong_t *, size_t); 177 static int segdev_getprot(struct seg *, caddr_t, size_t, uint_t *); 178 static u_offset_t segdev_getoffset(struct seg *, caddr_t); 179 static int segdev_gettype(struct seg *, caddr_t); 180 static int segdev_getvp(struct seg *, caddr_t, struct vnode **); 181 static int segdev_advise(struct seg *, caddr_t, size_t, uint_t); 182 static void segdev_dump(struct seg *); 183 static int segdev_pagelock(struct seg *, caddr_t, size_t, 184 struct page ***, enum lock_type, enum seg_rw); 185 static int segdev_setpagesize(struct seg *, caddr_t, size_t, uint_t); 186 static int segdev_getmemid(struct seg *, caddr_t, memid_t *); 187 static lgrp_mem_policy_info_t *segdev_getpolicy(struct seg *, caddr_t); 188 static int segdev_capable(struct seg *, segcapability_t); 189 190 /* 191 * XXX this struct is used by rootnex_map_fault to identify 192 * the segment it has been passed. So if you make it 193 * "static" you'll need to fix rootnex_map_fault. 194 */ 195 struct seg_ops segdev_ops = { 196 segdev_dup, 197 segdev_unmap, 198 segdev_free, 199 segdev_fault, 200 segdev_faulta, 201 segdev_setprot, 202 segdev_checkprot, 203 (int (*)())segdev_badop, /* kluster */ 204 (size_t (*)(struct seg *))NULL, /* swapout */ 205 segdev_sync, /* sync */ 206 segdev_incore, 207 segdev_lockop, /* lockop */ 208 segdev_getprot, 209 segdev_getoffset, 210 segdev_gettype, 211 segdev_getvp, 212 segdev_advise, 213 segdev_dump, 214 segdev_pagelock, 215 segdev_setpagesize, 216 segdev_getmemid, 217 segdev_getpolicy, 218 segdev_capable, 219 seg_inherit_notsup 220 }; 221 222 /* 223 * Private segdev support routines 224 */ 225 static struct segdev_data *sdp_alloc(void); 226 227 static void segdev_softunlock(struct hat *, struct seg *, caddr_t, 228 size_t, enum seg_rw); 229 230 static faultcode_t segdev_faultpage(struct hat *, struct seg *, caddr_t, 231 struct vpage *, enum fault_type, enum seg_rw, devmap_handle_t *); 232 233 static faultcode_t segdev_faultpages(struct hat *, struct seg *, caddr_t, 234 size_t, enum fault_type, enum seg_rw, devmap_handle_t *); 235 236 static struct devmap_ctx *devmap_ctxinit(dev_t, ulong_t); 237 static struct devmap_softlock *devmap_softlock_init(dev_t, ulong_t); 238 static void devmap_softlock_rele(devmap_handle_t *); 239 static void devmap_ctx_rele(devmap_handle_t *); 240 241 static void devmap_ctxto(void *); 242 243 static devmap_handle_t *devmap_find_handle(devmap_handle_t *dhp_head, 244 caddr_t addr); 245 246 static ulong_t devmap_roundup(devmap_handle_t *dhp, ulong_t offset, size_t len, 247 ulong_t *opfn, ulong_t *pagesize); 248 249 static void free_devmap_handle(devmap_handle_t *dhp); 250 251 static int devmap_handle_dup(devmap_handle_t *dhp, devmap_handle_t **new_dhp, 252 struct seg *newseg); 253 254 static devmap_handle_t *devmap_handle_unmap(devmap_handle_t *dhp); 255 256 static void devmap_handle_unmap_head(devmap_handle_t *dhp, size_t len); 257 258 static void devmap_handle_unmap_tail(devmap_handle_t *dhp, caddr_t addr); 259 260 static int devmap_device(devmap_handle_t *dhp, struct as *as, caddr_t *addr, 261 offset_t off, size_t len, uint_t flags); 262 263 static void devmap_get_large_pgsize(devmap_handle_t *dhp, size_t len, 264 caddr_t addr, size_t *llen, caddr_t *laddr); 265 266 static void devmap_handle_reduce_len(devmap_handle_t *dhp, size_t len); 267 268 static void *devmap_alloc_pages(vmem_t *vmp, size_t size, int vmflag); 269 static void devmap_free_pages(vmem_t *vmp, void *inaddr, size_t size); 270 271 static void *devmap_umem_alloc_np(size_t size, size_t flags); 272 static void devmap_umem_free_np(void *addr, size_t size); 273 274 /* 275 * routines to lock and unlock underlying segkp segment for 276 * KMEM_PAGEABLE type cookies. 277 */ 278 static faultcode_t acquire_kpmem_lock(struct ddi_umem_cookie *, size_t); 279 static void release_kpmem_lock(struct ddi_umem_cookie *, size_t); 280 281 /* 282 * Routines to synchronize F_SOFTLOCK and F_INVAL faults for 283 * drivers with devmap_access callbacks 284 */ 285 static int devmap_softlock_enter(struct devmap_softlock *, size_t, 286 enum fault_type); 287 static void devmap_softlock_exit(struct devmap_softlock *, size_t, 288 enum fault_type); 289 290 static kmutex_t devmapctx_lock; 291 292 static kmutex_t devmap_slock; 293 294 /* 295 * Initialize the thread callbacks and thread private data. 296 */ 297 static struct devmap_ctx * 298 devmap_ctxinit(dev_t dev, ulong_t id) 299 { 300 struct devmap_ctx *devctx; 301 struct devmap_ctx *tmp; 302 dev_info_t *dip; 303 304 tmp = kmem_zalloc(sizeof (struct devmap_ctx), KM_SLEEP); 305 306 mutex_enter(&devmapctx_lock); 307 308 dip = e_ddi_hold_devi_by_dev(dev, 0); 309 ASSERT(dip != NULL); 310 ddi_release_devi(dip); 311 312 for (devctx = devmapctx_list; devctx != NULL; devctx = devctx->next) 313 if ((devctx->dip == dip) && (devctx->id == id)) 314 break; 315 316 if (devctx == NULL) { 317 devctx = tmp; 318 devctx->dip = dip; 319 devctx->id = id; 320 mutex_init(&devctx->lock, NULL, MUTEX_DEFAULT, NULL); 321 cv_init(&devctx->cv, NULL, CV_DEFAULT, NULL); 322 devctx->next = devmapctx_list; 323 devmapctx_list = devctx; 324 } else 325 kmem_free(tmp, sizeof (struct devmap_ctx)); 326 327 mutex_enter(&devctx->lock); 328 devctx->refcnt++; 329 mutex_exit(&devctx->lock); 330 mutex_exit(&devmapctx_lock); 331 332 return (devctx); 333 } 334 335 /* 336 * Timeout callback called if a CPU has not given up the device context 337 * within dhp->dh_timeout_length ticks 338 */ 339 static void 340 devmap_ctxto(void *data) 341 { 342 struct devmap_ctx *devctx = data; 343 344 TRACE_1(TR_FAC_DEVMAP, TR_DEVMAP_CTXTO, 345 "devmap_ctxto:timeout expired, devctx=%p", (void *)devctx); 346 mutex_enter(&devctx->lock); 347 /* 348 * Set oncpu = 0 so the next mapping trying to get the device context 349 * can. 350 */ 351 devctx->oncpu = 0; 352 devctx->timeout = 0; 353 cv_signal(&devctx->cv); 354 mutex_exit(&devctx->lock); 355 } 356 357 /* 358 * Create a device segment. 359 */ 360 int 361 segdev_create(struct seg **segpp, void *argsp) 362 { 363 struct seg *seg = *segpp; 364 struct segdev_data *sdp; 365 struct segdev_crargs *a = (struct segdev_crargs *)argsp; 366 devmap_handle_t *dhp = (devmap_handle_t *)a->devmap_data; 367 int error; 368 369 /* 370 * Since the address space is "write" locked, we 371 * don't need the segment lock to protect "segdev" data. 372 */ 373 ASSERT(seg->s_as && AS_WRITE_HELD(seg->s_as)); 374 375 hat_map(seg->s_as->a_hat, seg->s_base, seg->s_size, HAT_MAP); 376 377 sdp = sdp_alloc(); 378 379 sdp->mapfunc = a->mapfunc; 380 sdp->offset = a->offset; 381 sdp->prot = a->prot; 382 sdp->maxprot = a->maxprot; 383 sdp->type = a->type; 384 sdp->pageprot = 0; 385 sdp->softlockcnt = 0; 386 sdp->vpage = NULL; 387 388 if (sdp->mapfunc == NULL) 389 sdp->devmap_data = dhp; 390 else 391 sdp->devmap_data = dhp = NULL; 392 393 sdp->hat_flags = a->hat_flags; 394 sdp->hat_attr = a->hat_attr; 395 396 /* 397 * Currently, hat_flags supports only HAT_LOAD_NOCONSIST 398 */ 399 ASSERT(!(sdp->hat_flags & ~HAT_LOAD_NOCONSIST)); 400 401 /* 402 * Hold shadow vnode -- segdev only deals with 403 * character (VCHR) devices. We use the common 404 * vp to hang pages on. 405 */ 406 sdp->vp = specfind(a->dev, VCHR); 407 ASSERT(sdp->vp != NULL); 408 409 seg->s_ops = &segdev_ops; 410 seg->s_data = sdp; 411 412 while (dhp != NULL) { 413 dhp->dh_seg = seg; 414 dhp = dhp->dh_next; 415 } 416 417 /* 418 * Inform the vnode of the new mapping. 419 */ 420 /* 421 * It is ok to use pass sdp->maxprot to ADDMAP rather than to use 422 * dhp specific maxprot because spec_addmap does not use maxprot. 423 */ 424 error = VOP_ADDMAP(VTOCVP(sdp->vp), sdp->offset, 425 seg->s_as, seg->s_base, seg->s_size, 426 sdp->prot, sdp->maxprot, sdp->type, CRED(), NULL); 427 428 if (error != 0) { 429 sdp->devmap_data = NULL; 430 hat_unload(seg->s_as->a_hat, seg->s_base, seg->s_size, 431 HAT_UNLOAD_UNMAP); 432 } else { 433 /* 434 * Mappings of /dev/null don't count towards the VSZ of a 435 * process. Mappings of /dev/null have no mapping type. 436 */ 437 if ((SEGOP_GETTYPE(seg, (seg)->s_base) & (MAP_SHARED | 438 MAP_PRIVATE)) == 0) { 439 seg->s_as->a_resvsize -= seg->s_size; 440 } 441 } 442 443 return (error); 444 } 445 446 static struct segdev_data * 447 sdp_alloc(void) 448 { 449 struct segdev_data *sdp; 450 451 sdp = kmem_zalloc(sizeof (struct segdev_data), KM_SLEEP); 452 rw_init(&sdp->lock, NULL, RW_DEFAULT, NULL); 453 454 return (sdp); 455 } 456 457 /* 458 * Duplicate seg and return new segment in newseg. 459 */ 460 static int 461 segdev_dup(struct seg *seg, struct seg *newseg) 462 { 463 struct segdev_data *sdp = (struct segdev_data *)seg->s_data; 464 struct segdev_data *newsdp; 465 devmap_handle_t *dhp = (devmap_handle_t *)sdp->devmap_data; 466 size_t npages; 467 int ret; 468 469 TRACE_2(TR_FAC_DEVMAP, TR_DEVMAP_DUP, 470 "segdev_dup:start dhp=%p, seg=%p", (void *)dhp, (void *)seg); 471 472 DEBUGF(3, (CE_CONT, "segdev_dup: dhp %p seg %p\n", 473 (void *)dhp, (void *)seg)); 474 475 /* 476 * Since the address space is "write" locked, we 477 * don't need the segment lock to protect "segdev" data. 478 */ 479 ASSERT(seg->s_as && AS_WRITE_HELD(seg->s_as)); 480 481 newsdp = sdp_alloc(); 482 483 newseg->s_ops = seg->s_ops; 484 newseg->s_data = (void *)newsdp; 485 486 VN_HOLD(sdp->vp); 487 newsdp->vp = sdp->vp; 488 newsdp->mapfunc = sdp->mapfunc; 489 newsdp->offset = sdp->offset; 490 newsdp->pageprot = sdp->pageprot; 491 newsdp->prot = sdp->prot; 492 newsdp->maxprot = sdp->maxprot; 493 newsdp->type = sdp->type; 494 newsdp->hat_attr = sdp->hat_attr; 495 newsdp->hat_flags = sdp->hat_flags; 496 newsdp->softlockcnt = 0; 497 498 /* 499 * Initialize per page data if the segment we are 500 * dup'ing has per page information. 501 */ 502 npages = seg_pages(newseg); 503 504 if (sdp->vpage != NULL) { 505 size_t nbytes = vpgtob(npages); 506 507 newsdp->vpage = kmem_zalloc(nbytes, KM_SLEEP); 508 bcopy(sdp->vpage, newsdp->vpage, nbytes); 509 } else 510 newsdp->vpage = NULL; 511 512 /* 513 * duplicate devmap handles 514 */ 515 if (dhp != NULL) { 516 ret = devmap_handle_dup(dhp, 517 (devmap_handle_t **)&newsdp->devmap_data, newseg); 518 if (ret != 0) { 519 TRACE_3(TR_FAC_DEVMAP, TR_DEVMAP_DUP_CK1, 520 "segdev_dup:ret1 ret=%x, dhp=%p seg=%p", 521 ret, (void *)dhp, (void *)seg); 522 DEBUGF(1, (CE_CONT, 523 "segdev_dup: ret %x dhp %p seg %p\n", 524 ret, (void *)dhp, (void *)seg)); 525 return (ret); 526 } 527 } 528 529 /* 530 * Inform the common vnode of the new mapping. 531 */ 532 return (VOP_ADDMAP(VTOCVP(newsdp->vp), 533 newsdp->offset, newseg->s_as, 534 newseg->s_base, newseg->s_size, newsdp->prot, 535 newsdp->maxprot, sdp->type, CRED(), NULL)); 536 } 537 538 /* 539 * duplicate devmap handles 540 */ 541 static int 542 devmap_handle_dup(devmap_handle_t *dhp, devmap_handle_t **new_dhp, 543 struct seg *newseg) 544 { 545 devmap_handle_t *newdhp_save = NULL; 546 devmap_handle_t *newdhp = NULL; 547 struct devmap_callback_ctl *callbackops; 548 549 while (dhp != NULL) { 550 newdhp = kmem_alloc(sizeof (devmap_handle_t), KM_SLEEP); 551 552 /* Need to lock the original dhp while copying if REMAP */ 553 HOLD_DHP_LOCK(dhp); 554 bcopy(dhp, newdhp, sizeof (devmap_handle_t)); 555 RELE_DHP_LOCK(dhp); 556 newdhp->dh_seg = newseg; 557 newdhp->dh_next = NULL; 558 if (newdhp_save != NULL) 559 newdhp_save->dh_next = newdhp; 560 else 561 *new_dhp = newdhp; 562 newdhp_save = newdhp; 563 564 callbackops = &newdhp->dh_callbackops; 565 566 if (dhp->dh_softlock != NULL) 567 newdhp->dh_softlock = devmap_softlock_init( 568 newdhp->dh_dev, 569 (ulong_t)callbackops->devmap_access); 570 if (dhp->dh_ctx != NULL) 571 newdhp->dh_ctx = devmap_ctxinit(newdhp->dh_dev, 572 (ulong_t)callbackops->devmap_access); 573 574 /* 575 * Initialize dh_lock if we want to do remap. 576 */ 577 if (newdhp->dh_flags & DEVMAP_ALLOW_REMAP) { 578 mutex_init(&newdhp->dh_lock, NULL, MUTEX_DEFAULT, NULL); 579 newdhp->dh_flags |= DEVMAP_LOCK_INITED; 580 } 581 582 if (callbackops->devmap_dup != NULL) { 583 int ret; 584 585 /* 586 * Call the dup callback so that the driver can 587 * duplicate its private data. 588 */ 589 ret = (*callbackops->devmap_dup)(dhp, dhp->dh_pvtp, 590 (devmap_cookie_t *)newdhp, &newdhp->dh_pvtp); 591 592 if (ret != 0) { 593 /* 594 * We want to free up this segment as the driver 595 * has indicated that we can't dup it. But we 596 * don't want to call the drivers, devmap_unmap, 597 * callback function as the driver does not 598 * think this segment exists. The caller of 599 * devmap_dup will call seg_free on newseg 600 * as it was the caller that allocated the 601 * segment. 602 */ 603 DEBUGF(1, (CE_CONT, "devmap_handle_dup ERROR: " 604 "newdhp %p dhp %p\n", (void *)newdhp, 605 (void *)dhp)); 606 callbackops->devmap_unmap = NULL; 607 return (ret); 608 } 609 } 610 611 dhp = dhp->dh_next; 612 } 613 614 return (0); 615 } 616 617 /* 618 * Split a segment at addr for length len. 619 */ 620 /*ARGSUSED*/ 621 static int 622 segdev_unmap(struct seg *seg, caddr_t addr, size_t len) 623 { 624 register struct segdev_data *sdp = (struct segdev_data *)seg->s_data; 625 register struct segdev_data *nsdp; 626 register struct seg *nseg; 627 register size_t opages; /* old segment size in pages */ 628 register size_t npages; /* new segment size in pages */ 629 register size_t dpages; /* pages being deleted (unmapped) */ 630 register size_t nbytes; 631 devmap_handle_t *dhp = (devmap_handle_t *)sdp->devmap_data; 632 devmap_handle_t *dhpp; 633 devmap_handle_t *newdhp; 634 struct devmap_callback_ctl *callbackops; 635 caddr_t nbase; 636 offset_t off; 637 ulong_t nsize; 638 size_t mlen, sz; 639 640 TRACE_4(TR_FAC_DEVMAP, TR_DEVMAP_UNMAP, 641 "segdev_unmap:start dhp=%p, seg=%p addr=%p len=%lx", 642 (void *)dhp, (void *)seg, (void *)addr, len); 643 644 DEBUGF(3, (CE_CONT, "segdev_unmap: dhp %p seg %p addr %p len %lx\n", 645 (void *)dhp, (void *)seg, (void *)addr, len)); 646 647 /* 648 * Since the address space is "write" locked, we 649 * don't need the segment lock to protect "segdev" data. 650 */ 651 ASSERT(seg->s_as && AS_WRITE_HELD(seg->s_as)); 652 653 if ((sz = sdp->softlockcnt) > 0) { 654 /* 655 * Fail the unmap if pages are SOFTLOCKed through this mapping. 656 * softlockcnt is protected from change by the as write lock. 657 */ 658 TRACE_1(TR_FAC_DEVMAP, TR_DEVMAP_UNMAP_CK1, 659 "segdev_unmap:error softlockcnt = %ld", sz); 660 DEBUGF(1, (CE_CONT, "segdev_unmap: softlockcnt %ld\n", sz)); 661 return (EAGAIN); 662 } 663 664 /* 665 * Check for bad sizes 666 */ 667 if (addr < seg->s_base || addr + len > seg->s_base + seg->s_size || 668 (len & PAGEOFFSET) || ((uintptr_t)addr & PAGEOFFSET)) 669 panic("segdev_unmap"); 670 671 if (dhp != NULL) { 672 devmap_handle_t *tdhp; 673 /* 674 * If large page size was used in hat_devload(), 675 * the same page size must be used in hat_unload(). 676 */ 677 dhpp = tdhp = devmap_find_handle(dhp, addr); 678 while (tdhp != NULL) { 679 if (tdhp->dh_flags & DEVMAP_FLAG_LARGE) { 680 break; 681 } 682 tdhp = tdhp->dh_next; 683 } 684 if (tdhp != NULL) { /* found a dhp using large pages */ 685 size_t slen = len; 686 size_t mlen; 687 size_t soff; 688 689 soff = (ulong_t)(addr - dhpp->dh_uvaddr); 690 while (slen != 0) { 691 mlen = MIN(slen, (dhpp->dh_len - soff)); 692 hat_unload(seg->s_as->a_hat, dhpp->dh_uvaddr, 693 dhpp->dh_len, HAT_UNLOAD_UNMAP); 694 dhpp = dhpp->dh_next; 695 ASSERT(slen >= mlen); 696 slen -= mlen; 697 soff = 0; 698 } 699 } else 700 hat_unload(seg->s_as->a_hat, addr, len, 701 HAT_UNLOAD_UNMAP); 702 } else { 703 /* 704 * Unload any hardware translations in the range 705 * to be taken out. 706 */ 707 hat_unload(seg->s_as->a_hat, addr, len, HAT_UNLOAD_UNMAP); 708 } 709 710 /* 711 * get the user offset which will used in the driver callbacks 712 */ 713 off = sdp->offset + (offset_t)(addr - seg->s_base); 714 715 /* 716 * Inform the vnode of the unmapping. 717 */ 718 ASSERT(sdp->vp != NULL); 719 (void) VOP_DELMAP(VTOCVP(sdp->vp), off, seg->s_as, addr, len, 720 sdp->prot, sdp->maxprot, sdp->type, CRED(), NULL); 721 722 /* 723 * Check for entire segment 724 */ 725 if (addr == seg->s_base && len == seg->s_size) { 726 seg_free(seg); 727 return (0); 728 } 729 730 opages = seg_pages(seg); 731 dpages = btop(len); 732 npages = opages - dpages; 733 734 /* 735 * Check for beginning of segment 736 */ 737 if (addr == seg->s_base) { 738 if (sdp->vpage != NULL) { 739 register struct vpage *ovpage; 740 741 ovpage = sdp->vpage; /* keep pointer to vpage */ 742 743 nbytes = vpgtob(npages); 744 sdp->vpage = kmem_alloc(nbytes, KM_SLEEP); 745 bcopy(&ovpage[dpages], sdp->vpage, nbytes); 746 747 /* free up old vpage */ 748 kmem_free(ovpage, vpgtob(opages)); 749 } 750 751 /* 752 * free devmap handles from the beginning of the mapping. 753 */ 754 if (dhp != NULL) 755 devmap_handle_unmap_head(dhp, len); 756 757 sdp->offset += (offset_t)len; 758 759 seg->s_base += len; 760 seg->s_size -= len; 761 762 return (0); 763 } 764 765 /* 766 * Check for end of segment 767 */ 768 if (addr + len == seg->s_base + seg->s_size) { 769 if (sdp->vpage != NULL) { 770 register struct vpage *ovpage; 771 772 ovpage = sdp->vpage; /* keep pointer to vpage */ 773 774 nbytes = vpgtob(npages); 775 sdp->vpage = kmem_alloc(nbytes, KM_SLEEP); 776 bcopy(ovpage, sdp->vpage, nbytes); 777 778 /* free up old vpage */ 779 kmem_free(ovpage, vpgtob(opages)); 780 } 781 seg->s_size -= len; 782 783 /* 784 * free devmap handles from addr to the end of the mapping. 785 */ 786 if (dhp != NULL) 787 devmap_handle_unmap_tail(dhp, addr); 788 789 return (0); 790 } 791 792 /* 793 * The section to go is in the middle of the segment, 794 * have to make it into two segments. nseg is made for 795 * the high end while seg is cut down at the low end. 796 */ 797 nbase = addr + len; /* new seg base */ 798 nsize = (seg->s_base + seg->s_size) - nbase; /* new seg size */ 799 seg->s_size = addr - seg->s_base; /* shrink old seg */ 800 nseg = seg_alloc(seg->s_as, nbase, nsize); 801 if (nseg == NULL) 802 panic("segdev_unmap seg_alloc"); 803 804 TRACE_2(TR_FAC_DEVMAP, TR_DEVMAP_UNMAP_CK2, 805 "segdev_unmap: seg=%p nseg=%p", (void *)seg, (void *)nseg); 806 DEBUGF(3, (CE_CONT, "segdev_unmap: segdev_dup seg %p nseg %p\n", 807 (void *)seg, (void *)nseg)); 808 nsdp = sdp_alloc(); 809 810 nseg->s_ops = seg->s_ops; 811 nseg->s_data = (void *)nsdp; 812 813 VN_HOLD(sdp->vp); 814 nsdp->mapfunc = sdp->mapfunc; 815 nsdp->offset = sdp->offset + (offset_t)(nseg->s_base - seg->s_base); 816 nsdp->vp = sdp->vp; 817 nsdp->pageprot = sdp->pageprot; 818 nsdp->prot = sdp->prot; 819 nsdp->maxprot = sdp->maxprot; 820 nsdp->type = sdp->type; 821 nsdp->hat_attr = sdp->hat_attr; 822 nsdp->hat_flags = sdp->hat_flags; 823 nsdp->softlockcnt = 0; 824 825 /* 826 * Initialize per page data if the segment we are 827 * dup'ing has per page information. 828 */ 829 if (sdp->vpage != NULL) { 830 /* need to split vpage into two arrays */ 831 register size_t nnbytes; 832 register size_t nnpages; 833 register struct vpage *ovpage; 834 835 ovpage = sdp->vpage; /* keep pointer to vpage */ 836 837 npages = seg_pages(seg); /* seg has shrunk */ 838 nbytes = vpgtob(npages); 839 nnpages = seg_pages(nseg); 840 nnbytes = vpgtob(nnpages); 841 842 sdp->vpage = kmem_alloc(nbytes, KM_SLEEP); 843 bcopy(ovpage, sdp->vpage, nbytes); 844 845 nsdp->vpage = kmem_alloc(nnbytes, KM_SLEEP); 846 bcopy(&ovpage[npages + dpages], nsdp->vpage, nnbytes); 847 848 /* free up old vpage */ 849 kmem_free(ovpage, vpgtob(opages)); 850 } else 851 nsdp->vpage = NULL; 852 853 /* 854 * unmap dhps. 855 */ 856 if (dhp == NULL) { 857 nsdp->devmap_data = NULL; 858 return (0); 859 } 860 while (dhp != NULL) { 861 callbackops = &dhp->dh_callbackops; 862 TRACE_2(TR_FAC_DEVMAP, TR_DEVMAP_UNMAP_CK3, 863 "segdev_unmap: dhp=%p addr=%p", dhp, addr); 864 DEBUGF(3, (CE_CONT, "unmap: dhp %p addr %p uvaddr %p len %lx\n", 865 (void *)dhp, (void *)addr, 866 (void *)dhp->dh_uvaddr, dhp->dh_len)); 867 868 if (addr == (dhp->dh_uvaddr + dhp->dh_len)) { 869 dhpp = dhp->dh_next; 870 dhp->dh_next = NULL; 871 dhp = dhpp; 872 } else if (addr > (dhp->dh_uvaddr + dhp->dh_len)) { 873 dhp = dhp->dh_next; 874 } else if (addr > dhp->dh_uvaddr && 875 (addr + len) < (dhp->dh_uvaddr + dhp->dh_len)) { 876 /* 877 * <addr, addr+len> is enclosed by dhp. 878 * create a newdhp that begins at addr+len and 879 * ends at dhp->dh_uvaddr+dhp->dh_len. 880 */ 881 newdhp = kmem_alloc(sizeof (devmap_handle_t), KM_SLEEP); 882 HOLD_DHP_LOCK(dhp); 883 bcopy(dhp, newdhp, sizeof (devmap_handle_t)); 884 RELE_DHP_LOCK(dhp); 885 newdhp->dh_seg = nseg; 886 newdhp->dh_next = dhp->dh_next; 887 if (dhp->dh_softlock != NULL) 888 newdhp->dh_softlock = devmap_softlock_init( 889 newdhp->dh_dev, 890 (ulong_t)callbackops->devmap_access); 891 if (dhp->dh_ctx != NULL) 892 newdhp->dh_ctx = devmap_ctxinit(newdhp->dh_dev, 893 (ulong_t)callbackops->devmap_access); 894 if (newdhp->dh_flags & DEVMAP_LOCK_INITED) { 895 mutex_init(&newdhp->dh_lock, 896 NULL, MUTEX_DEFAULT, NULL); 897 } 898 if (callbackops->devmap_unmap != NULL) 899 (*callbackops->devmap_unmap)(dhp, dhp->dh_pvtp, 900 off, len, dhp, &dhp->dh_pvtp, 901 newdhp, &newdhp->dh_pvtp); 902 mlen = len + (addr - dhp->dh_uvaddr); 903 devmap_handle_reduce_len(newdhp, mlen); 904 nsdp->devmap_data = newdhp; 905 /* XX Changing len should recalculate LARGE flag */ 906 dhp->dh_len = addr - dhp->dh_uvaddr; 907 dhpp = dhp->dh_next; 908 dhp->dh_next = NULL; 909 dhp = dhpp; 910 } else if ((addr > dhp->dh_uvaddr) && 911 ((addr + len) >= (dhp->dh_uvaddr + dhp->dh_len))) { 912 mlen = dhp->dh_len + dhp->dh_uvaddr - addr; 913 /* 914 * <addr, addr+len> spans over dhps. 915 */ 916 if (callbackops->devmap_unmap != NULL) 917 (*callbackops->devmap_unmap)(dhp, dhp->dh_pvtp, 918 off, mlen, (devmap_cookie_t *)dhp, 919 &dhp->dh_pvtp, NULL, NULL); 920 /* XX Changing len should recalculate LARGE flag */ 921 dhp->dh_len = addr - dhp->dh_uvaddr; 922 dhpp = dhp->dh_next; 923 dhp->dh_next = NULL; 924 dhp = dhpp; 925 nsdp->devmap_data = dhp; 926 } else if ((addr + len) >= (dhp->dh_uvaddr + dhp->dh_len)) { 927 /* 928 * dhp is enclosed by <addr, addr+len>. 929 */ 930 dhp->dh_seg = nseg; 931 nsdp->devmap_data = dhp; 932 dhp = devmap_handle_unmap(dhp); 933 nsdp->devmap_data = dhp; /* XX redundant? */ 934 } else if (((addr + len) > dhp->dh_uvaddr) && 935 ((addr + len) < (dhp->dh_uvaddr + dhp->dh_len))) { 936 mlen = addr + len - dhp->dh_uvaddr; 937 if (callbackops->devmap_unmap != NULL) 938 (*callbackops->devmap_unmap)(dhp, dhp->dh_pvtp, 939 dhp->dh_uoff, mlen, NULL, 940 NULL, dhp, &dhp->dh_pvtp); 941 devmap_handle_reduce_len(dhp, mlen); 942 nsdp->devmap_data = dhp; 943 dhp->dh_seg = nseg; 944 dhp = dhp->dh_next; 945 } else { 946 dhp->dh_seg = nseg; 947 dhp = dhp->dh_next; 948 } 949 } 950 return (0); 951 } 952 953 /* 954 * Utility function handles reducing the length of a devmap handle during unmap 955 * Note that is only used for unmapping the front portion of the handler, 956 * i.e., we are bumping up the offset/pfn etc up by len 957 * Do not use if reducing length at the tail. 958 */ 959 static void 960 devmap_handle_reduce_len(devmap_handle_t *dhp, size_t len) 961 { 962 struct ddi_umem_cookie *cp; 963 struct devmap_pmem_cookie *pcp; 964 /* 965 * adjust devmap handle fields 966 */ 967 ASSERT(len < dhp->dh_len); 968 969 /* Make sure only page-aligned changes are done */ 970 ASSERT((len & PAGEOFFSET) == 0); 971 972 dhp->dh_len -= len; 973 dhp->dh_uoff += (offset_t)len; 974 dhp->dh_roff += (offset_t)len; 975 dhp->dh_uvaddr += len; 976 /* Need to grab dhp lock if REMAP */ 977 HOLD_DHP_LOCK(dhp); 978 cp = dhp->dh_cookie; 979 if (!(dhp->dh_flags & DEVMAP_MAPPING_INVALID)) { 980 if (cookie_is_devmem(cp)) { 981 dhp->dh_pfn += btop(len); 982 } else if (cookie_is_pmem(cp)) { 983 pcp = (struct devmap_pmem_cookie *)dhp->dh_pcookie; 984 ASSERT((dhp->dh_roff & PAGEOFFSET) == 0 && 985 dhp->dh_roff < ptob(pcp->dp_npages)); 986 } else { 987 ASSERT(dhp->dh_roff < cp->size); 988 ASSERT(dhp->dh_cvaddr >= cp->cvaddr && 989 dhp->dh_cvaddr < (cp->cvaddr + cp->size)); 990 ASSERT((dhp->dh_cvaddr + len) <= 991 (cp->cvaddr + cp->size)); 992 993 dhp->dh_cvaddr += len; 994 } 995 } 996 /* XXX - Should recalculate the DEVMAP_FLAG_LARGE after changes */ 997 RELE_DHP_LOCK(dhp); 998 } 999 1000 /* 1001 * Free devmap handle, dhp. 1002 * Return the next devmap handle on the linked list. 1003 */ 1004 static devmap_handle_t * 1005 devmap_handle_unmap(devmap_handle_t *dhp) 1006 { 1007 struct devmap_callback_ctl *callbackops = &dhp->dh_callbackops; 1008 struct segdev_data *sdp = (struct segdev_data *)dhp->dh_seg->s_data; 1009 devmap_handle_t *dhpp = (devmap_handle_t *)sdp->devmap_data; 1010 1011 ASSERT(dhp != NULL); 1012 1013 /* 1014 * before we free up dhp, call the driver's devmap_unmap entry point 1015 * to free resources allocated for this dhp. 1016 */ 1017 if (callbackops->devmap_unmap != NULL) { 1018 (*callbackops->devmap_unmap)(dhp, dhp->dh_pvtp, dhp->dh_uoff, 1019 dhp->dh_len, NULL, NULL, NULL, NULL); 1020 } 1021 1022 if (dhpp == dhp) { /* releasing first dhp, change sdp data */ 1023 sdp->devmap_data = dhp->dh_next; 1024 } else { 1025 while (dhpp->dh_next != dhp) { 1026 dhpp = dhpp->dh_next; 1027 } 1028 dhpp->dh_next = dhp->dh_next; 1029 } 1030 dhpp = dhp->dh_next; /* return value is next dhp in chain */ 1031 1032 if (dhp->dh_softlock != NULL) 1033 devmap_softlock_rele(dhp); 1034 1035 if (dhp->dh_ctx != NULL) 1036 devmap_ctx_rele(dhp); 1037 1038 if (dhp->dh_flags & DEVMAP_LOCK_INITED) { 1039 mutex_destroy(&dhp->dh_lock); 1040 } 1041 kmem_free(dhp, sizeof (devmap_handle_t)); 1042 1043 return (dhpp); 1044 } 1045 1046 /* 1047 * Free complete devmap handles from dhp for len bytes 1048 * dhp can be either the first handle or a subsequent handle 1049 */ 1050 static void 1051 devmap_handle_unmap_head(devmap_handle_t *dhp, size_t len) 1052 { 1053 struct devmap_callback_ctl *callbackops; 1054 1055 /* 1056 * free the devmap handles covered by len. 1057 */ 1058 while (len >= dhp->dh_len) { 1059 len -= dhp->dh_len; 1060 dhp = devmap_handle_unmap(dhp); 1061 } 1062 if (len != 0) { /* partial unmap at head of first remaining dhp */ 1063 callbackops = &dhp->dh_callbackops; 1064 1065 /* 1066 * Call the unmap callback so the drivers can make 1067 * adjustment on its private data. 1068 */ 1069 if (callbackops->devmap_unmap != NULL) 1070 (*callbackops->devmap_unmap)(dhp, dhp->dh_pvtp, 1071 dhp->dh_uoff, len, NULL, NULL, dhp, &dhp->dh_pvtp); 1072 devmap_handle_reduce_len(dhp, len); 1073 } 1074 } 1075 1076 /* 1077 * Free devmap handles to truncate the mapping after addr 1078 * RFE: Simpler to pass in dhp pointing at correct dhp (avoid find again) 1079 * Also could then use the routine in middle unmap case too 1080 */ 1081 static void 1082 devmap_handle_unmap_tail(devmap_handle_t *dhp, caddr_t addr) 1083 { 1084 register struct seg *seg = dhp->dh_seg; 1085 register struct segdev_data *sdp = (struct segdev_data *)seg->s_data; 1086 register devmap_handle_t *dhph = (devmap_handle_t *)sdp->devmap_data; 1087 struct devmap_callback_ctl *callbackops; 1088 register devmap_handle_t *dhpp; 1089 size_t maplen; 1090 ulong_t off; 1091 size_t len; 1092 1093 maplen = (size_t)(addr - dhp->dh_uvaddr); 1094 dhph = devmap_find_handle(dhph, addr); 1095 1096 while (dhph != NULL) { 1097 if (maplen == 0) { 1098 dhph = devmap_handle_unmap(dhph); 1099 } else { 1100 callbackops = &dhph->dh_callbackops; 1101 len = dhph->dh_len - maplen; 1102 off = (ulong_t)sdp->offset + (addr - seg->s_base); 1103 /* 1104 * Call the unmap callback so the driver 1105 * can make adjustments on its private data. 1106 */ 1107 if (callbackops->devmap_unmap != NULL) 1108 (*callbackops->devmap_unmap)(dhph, 1109 dhph->dh_pvtp, off, len, 1110 (devmap_cookie_t *)dhph, 1111 &dhph->dh_pvtp, NULL, NULL); 1112 /* XXX Reducing len needs to recalculate LARGE flag */ 1113 dhph->dh_len = maplen; 1114 maplen = 0; 1115 dhpp = dhph->dh_next; 1116 dhph->dh_next = NULL; 1117 dhph = dhpp; 1118 } 1119 } /* end while */ 1120 } 1121 1122 /* 1123 * Free a segment. 1124 */ 1125 static void 1126 segdev_free(struct seg *seg) 1127 { 1128 register struct segdev_data *sdp = (struct segdev_data *)seg->s_data; 1129 devmap_handle_t *dhp = (devmap_handle_t *)sdp->devmap_data; 1130 1131 TRACE_2(TR_FAC_DEVMAP, TR_DEVMAP_FREE, 1132 "segdev_free: dhp=%p seg=%p", (void *)dhp, (void *)seg); 1133 DEBUGF(3, (CE_CONT, "segdev_free: dhp %p seg %p\n", 1134 (void *)dhp, (void *)seg)); 1135 1136 /* 1137 * Since the address space is "write" locked, we 1138 * don't need the segment lock to protect "segdev" data. 1139 */ 1140 ASSERT(seg->s_as && AS_WRITE_HELD(seg->s_as)); 1141 1142 while (dhp != NULL) 1143 dhp = devmap_handle_unmap(dhp); 1144 1145 VN_RELE(sdp->vp); 1146 if (sdp->vpage != NULL) 1147 kmem_free(sdp->vpage, vpgtob(seg_pages(seg))); 1148 1149 rw_destroy(&sdp->lock); 1150 kmem_free(sdp, sizeof (*sdp)); 1151 } 1152 1153 static void 1154 free_devmap_handle(devmap_handle_t *dhp) 1155 { 1156 register devmap_handle_t *dhpp; 1157 1158 /* 1159 * free up devmap handle 1160 */ 1161 while (dhp != NULL) { 1162 dhpp = dhp->dh_next; 1163 if (dhp->dh_flags & DEVMAP_LOCK_INITED) { 1164 mutex_destroy(&dhp->dh_lock); 1165 } 1166 1167 if (dhp->dh_softlock != NULL) 1168 devmap_softlock_rele(dhp); 1169 1170 if (dhp->dh_ctx != NULL) 1171 devmap_ctx_rele(dhp); 1172 1173 kmem_free(dhp, sizeof (devmap_handle_t)); 1174 dhp = dhpp; 1175 } 1176 } 1177 1178 /* 1179 * routines to lock and unlock underlying segkp segment for 1180 * KMEM_PAGEABLE type cookies. 1181 * segkp only allows a single pending F_SOFTLOCK 1182 * we keep track of number of locks in the cookie so we can 1183 * have multiple pending faults and manage the calls to segkp. 1184 * RFE: if segkp supports either pagelock or can support multiple 1185 * calls to F_SOFTLOCK, then these routines can go away. 1186 * If pagelock, segdev_faultpage can fault on a page by page basis 1187 * and simplifies the code quite a bit. 1188 * if multiple calls allowed but not partial ranges, then need for 1189 * cookie->lock and locked count goes away, code can call as_fault directly 1190 */ 1191 static faultcode_t 1192 acquire_kpmem_lock(struct ddi_umem_cookie *cookie, size_t npages) 1193 { 1194 int err = 0; 1195 ASSERT(cookie_is_kpmem(cookie)); 1196 /* 1197 * Fault in pages in segkp with F_SOFTLOCK. 1198 * We want to hold the lock until all pages have been loaded. 1199 * segkp only allows single caller to hold SOFTLOCK, so cookie 1200 * holds a count so we dont call into segkp multiple times 1201 */ 1202 mutex_enter(&cookie->lock); 1203 1204 /* 1205 * Check for overflow in locked field 1206 */ 1207 if ((UINT32_MAX - cookie->locked) < npages) { 1208 err = FC_MAKE_ERR(ENOMEM); 1209 } else if (cookie->locked == 0) { 1210 /* First time locking */ 1211 err = as_fault(kas.a_hat, &kas, cookie->cvaddr, 1212 cookie->size, F_SOFTLOCK, PROT_READ|PROT_WRITE); 1213 } 1214 if (!err) { 1215 cookie->locked += npages; 1216 } 1217 mutex_exit(&cookie->lock); 1218 return (err); 1219 } 1220 1221 static void 1222 release_kpmem_lock(struct ddi_umem_cookie *cookie, size_t npages) 1223 { 1224 mutex_enter(&cookie->lock); 1225 ASSERT(cookie_is_kpmem(cookie)); 1226 ASSERT(cookie->locked >= npages); 1227 cookie->locked -= (uint_t)npages; 1228 if (cookie->locked == 0) { 1229 /* Last unlock */ 1230 if (as_fault(kas.a_hat, &kas, cookie->cvaddr, 1231 cookie->size, F_SOFTUNLOCK, PROT_READ|PROT_WRITE)) 1232 panic("segdev releasing kpmem lock %p", (void *)cookie); 1233 } 1234 mutex_exit(&cookie->lock); 1235 } 1236 1237 /* 1238 * Routines to synchronize F_SOFTLOCK and F_INVAL faults for 1239 * drivers with devmap_access callbacks 1240 * slock->softlocked basically works like a rw lock 1241 * -ve counts => F_SOFTLOCK in progress 1242 * +ve counts => F_INVAL/F_PROT in progress 1243 * We allow only one F_SOFTLOCK at a time 1244 * but can have multiple pending F_INVAL/F_PROT calls 1245 * 1246 * This routine waits using cv_wait_sig so killing processes is more graceful 1247 * Returns EINTR if coming out of this routine due to a signal, 0 otherwise 1248 */ 1249 static int devmap_softlock_enter( 1250 struct devmap_softlock *slock, 1251 size_t npages, 1252 enum fault_type type) 1253 { 1254 if (npages == 0) 1255 return (0); 1256 mutex_enter(&(slock->lock)); 1257 switch (type) { 1258 case F_SOFTLOCK : 1259 while (slock->softlocked) { 1260 if (cv_wait_sig(&(slock)->cv, &(slock)->lock) == 0) { 1261 /* signalled */ 1262 mutex_exit(&(slock->lock)); 1263 return (EINTR); 1264 } 1265 } 1266 slock->softlocked -= npages; /* -ve count => locked */ 1267 break; 1268 case F_INVAL : 1269 case F_PROT : 1270 while (slock->softlocked < 0) 1271 if (cv_wait_sig(&(slock)->cv, &(slock)->lock) == 0) { 1272 /* signalled */ 1273 mutex_exit(&(slock->lock)); 1274 return (EINTR); 1275 } 1276 slock->softlocked += npages; /* +ve count => f_invals */ 1277 break; 1278 default: 1279 ASSERT(0); 1280 } 1281 mutex_exit(&(slock->lock)); 1282 return (0); 1283 } 1284 1285 static void devmap_softlock_exit( 1286 struct devmap_softlock *slock, 1287 size_t npages, 1288 enum fault_type type) 1289 { 1290 if (slock == NULL) 1291 return; 1292 mutex_enter(&(slock->lock)); 1293 switch (type) { 1294 case F_SOFTLOCK : 1295 ASSERT(-slock->softlocked >= npages); 1296 slock->softlocked += npages; /* -ve count is softlocked */ 1297 if (slock->softlocked == 0) 1298 cv_signal(&slock->cv); 1299 break; 1300 case F_INVAL : 1301 case F_PROT: 1302 ASSERT(slock->softlocked >= npages); 1303 slock->softlocked -= npages; 1304 if (slock->softlocked == 0) 1305 cv_signal(&slock->cv); 1306 break; 1307 default: 1308 ASSERT(0); 1309 } 1310 mutex_exit(&(slock->lock)); 1311 } 1312 1313 /* 1314 * Do a F_SOFTUNLOCK call over the range requested. 1315 * The range must have already been F_SOFTLOCK'ed. 1316 * The segment lock should be held, (but not the segment private lock?) 1317 * The softunlock code below does not adjust for large page sizes 1318 * assumes the caller already did any addr/len adjustments for 1319 * pagesize mappings before calling. 1320 */ 1321 /*ARGSUSED*/ 1322 static void 1323 segdev_softunlock( 1324 struct hat *hat, /* the hat */ 1325 struct seg *seg, /* seg_dev of interest */ 1326 caddr_t addr, /* base address of range */ 1327 size_t len, /* number of bytes */ 1328 enum seg_rw rw) /* type of access at fault */ 1329 { 1330 struct segdev_data *sdp = (struct segdev_data *)seg->s_data; 1331 devmap_handle_t *dhp_head = (devmap_handle_t *)sdp->devmap_data; 1332 1333 TRACE_4(TR_FAC_DEVMAP, TR_DEVMAP_SOFTUNLOCK, 1334 "segdev_softunlock:dhp_head=%p sdp=%p addr=%p len=%lx", 1335 dhp_head, sdp, addr, len); 1336 DEBUGF(3, (CE_CONT, "segdev_softunlock: dhp %p lockcnt %lx " 1337 "addr %p len %lx\n", 1338 (void *)dhp_head, sdp->softlockcnt, (void *)addr, len)); 1339 1340 hat_unlock(hat, addr, len); 1341 1342 if (dhp_head != NULL) { 1343 devmap_handle_t *dhp; 1344 size_t mlen; 1345 size_t tlen = len; 1346 ulong_t off; 1347 1348 dhp = devmap_find_handle(dhp_head, addr); 1349 ASSERT(dhp != NULL); 1350 1351 off = (ulong_t)(addr - dhp->dh_uvaddr); 1352 while (tlen != 0) { 1353 mlen = MIN(tlen, (dhp->dh_len - off)); 1354 1355 /* 1356 * unlock segkp memory, locked during F_SOFTLOCK 1357 */ 1358 if (dhp_is_kpmem(dhp)) { 1359 release_kpmem_lock( 1360 (struct ddi_umem_cookie *)dhp->dh_cookie, 1361 btopr(mlen)); 1362 } 1363 1364 /* 1365 * Do the softlock accounting for devmap_access 1366 */ 1367 if (dhp->dh_callbackops.devmap_access != NULL) { 1368 devmap_softlock_exit(dhp->dh_softlock, 1369 btopr(mlen), F_SOFTLOCK); 1370 } 1371 1372 tlen -= mlen; 1373 dhp = dhp->dh_next; 1374 off = 0; 1375 } 1376 } 1377 1378 mutex_enter(&freemem_lock); 1379 ASSERT(sdp->softlockcnt >= btopr(len)); 1380 sdp->softlockcnt -= btopr(len); 1381 mutex_exit(&freemem_lock); 1382 if (sdp->softlockcnt == 0) { 1383 /* 1384 * All SOFTLOCKS are gone. Wakeup any waiting 1385 * unmappers so they can try again to unmap. 1386 * Check for waiters first without the mutex 1387 * held so we don't always grab the mutex on 1388 * softunlocks. 1389 */ 1390 if (AS_ISUNMAPWAIT(seg->s_as)) { 1391 mutex_enter(&seg->s_as->a_contents); 1392 if (AS_ISUNMAPWAIT(seg->s_as)) { 1393 AS_CLRUNMAPWAIT(seg->s_as); 1394 cv_broadcast(&seg->s_as->a_cv); 1395 } 1396 mutex_exit(&seg->s_as->a_contents); 1397 } 1398 } 1399 1400 } 1401 1402 /* 1403 * Handle fault for a single page. 1404 * Done in a separate routine so we can handle errors more easily. 1405 * This routine is called only from segdev_faultpages() 1406 * when looping over the range of addresses requested. The segment lock is held. 1407 */ 1408 static faultcode_t 1409 segdev_faultpage( 1410 struct hat *hat, /* the hat */ 1411 struct seg *seg, /* seg_dev of interest */ 1412 caddr_t addr, /* address in as */ 1413 struct vpage *vpage, /* pointer to vpage for seg, addr */ 1414 enum fault_type type, /* type of fault */ 1415 enum seg_rw rw, /* type of access at fault */ 1416 devmap_handle_t *dhp) /* devmap handle if any for this page */ 1417 { 1418 struct segdev_data *sdp = (struct segdev_data *)seg->s_data; 1419 uint_t prot; 1420 pfn_t pfnum = PFN_INVALID; 1421 u_offset_t offset; 1422 uint_t hat_flags; 1423 dev_info_t *dip; 1424 1425 TRACE_3(TR_FAC_DEVMAP, TR_DEVMAP_FAULTPAGE, 1426 "segdev_faultpage: dhp=%p seg=%p addr=%p", dhp, seg, addr); 1427 DEBUGF(8, (CE_CONT, "segdev_faultpage: dhp %p seg %p addr %p \n", 1428 (void *)dhp, (void *)seg, (void *)addr)); 1429 1430 /* 1431 * Initialize protection value for this page. 1432 * If we have per page protection values check it now. 1433 */ 1434 if (sdp->pageprot) { 1435 uint_t protchk; 1436 1437 switch (rw) { 1438 case S_READ: 1439 protchk = PROT_READ; 1440 break; 1441 case S_WRITE: 1442 protchk = PROT_WRITE; 1443 break; 1444 case S_EXEC: 1445 protchk = PROT_EXEC; 1446 break; 1447 case S_OTHER: 1448 default: 1449 protchk = PROT_READ | PROT_WRITE | PROT_EXEC; 1450 break; 1451 } 1452 1453 prot = VPP_PROT(vpage); 1454 if ((prot & protchk) == 0) 1455 return (FC_PROT); /* illegal access type */ 1456 } else { 1457 prot = sdp->prot; 1458 /* caller has already done segment level protection check */ 1459 } 1460 1461 if (type == F_SOFTLOCK) { 1462 mutex_enter(&freemem_lock); 1463 sdp->softlockcnt++; 1464 mutex_exit(&freemem_lock); 1465 } 1466 1467 hat_flags = ((type == F_SOFTLOCK) ? HAT_LOAD_LOCK : HAT_LOAD); 1468 offset = sdp->offset + (u_offset_t)(addr - seg->s_base); 1469 /* 1470 * In the devmap framework, sdp->mapfunc is set to NULL. we can get 1471 * pfnum from dhp->dh_pfn (at beginning of segment) and offset from 1472 * seg->s_base. 1473 */ 1474 if (dhp == NULL) { 1475 /* If segment has devmap_data, then dhp should be non-NULL */ 1476 ASSERT(sdp->devmap_data == NULL); 1477 pfnum = (pfn_t)cdev_mmap(sdp->mapfunc, sdp->vp->v_rdev, 1478 (off_t)offset, prot); 1479 prot |= sdp->hat_attr; 1480 } else { 1481 ulong_t off; 1482 struct ddi_umem_cookie *cp; 1483 struct devmap_pmem_cookie *pcp; 1484 1485 /* ensure the dhp passed in contains addr. */ 1486 ASSERT(dhp == devmap_find_handle( 1487 (devmap_handle_t *)sdp->devmap_data, addr)); 1488 1489 off = addr - dhp->dh_uvaddr; 1490 1491 /* 1492 * This routine assumes that the caller makes sure that the 1493 * fields in dhp used below are unchanged due to remap during 1494 * this call. Caller does HOLD_DHP_LOCK if neeed 1495 */ 1496 cp = dhp->dh_cookie; 1497 if (dhp->dh_flags & DEVMAP_MAPPING_INVALID) { 1498 pfnum = PFN_INVALID; 1499 } else if (cookie_is_devmem(cp)) { 1500 pfnum = dhp->dh_pfn + btop(off); 1501 } else if (cookie_is_pmem(cp)) { 1502 pcp = (struct devmap_pmem_cookie *)dhp->dh_pcookie; 1503 ASSERT((dhp->dh_roff & PAGEOFFSET) == 0 && 1504 dhp->dh_roff < ptob(pcp->dp_npages)); 1505 pfnum = page_pptonum( 1506 pcp->dp_pparray[btop(off + dhp->dh_roff)]); 1507 } else { 1508 ASSERT(dhp->dh_roff < cp->size); 1509 ASSERT(dhp->dh_cvaddr >= cp->cvaddr && 1510 dhp->dh_cvaddr < (cp->cvaddr + cp->size)); 1511 ASSERT((dhp->dh_cvaddr + off) <= 1512 (cp->cvaddr + cp->size)); 1513 ASSERT((dhp->dh_cvaddr + off + PAGESIZE) <= 1514 (cp->cvaddr + cp->size)); 1515 1516 switch (cp->type) { 1517 case UMEM_LOCKED : 1518 if (cp->pparray != NULL) { 1519 ASSERT((dhp->dh_roff & 1520 PAGEOFFSET) == 0); 1521 pfnum = page_pptonum( 1522 cp->pparray[btop(off + 1523 dhp->dh_roff)]); 1524 } else { 1525 pfnum = hat_getpfnum( 1526 ((proc_t *)cp->procp)->p_as->a_hat, 1527 cp->cvaddr + off); 1528 } 1529 break; 1530 case UMEM_TRASH : 1531 pfnum = page_pptonum(trashpp); 1532 /* 1533 * We should set hat_flags to HAT_NOFAULT also 1534 * However, not all hat layers implement this 1535 */ 1536 break; 1537 case KMEM_PAGEABLE: 1538 case KMEM_NON_PAGEABLE: 1539 pfnum = hat_getpfnum(kas.a_hat, 1540 dhp->dh_cvaddr + off); 1541 break; 1542 default : 1543 pfnum = PFN_INVALID; 1544 break; 1545 } 1546 } 1547 prot |= dhp->dh_hat_attr; 1548 } 1549 if (pfnum == PFN_INVALID) { 1550 return (FC_MAKE_ERR(EFAULT)); 1551 } 1552 /* prot should already be OR'ed in with hat_attributes if needed */ 1553 1554 TRACE_4(TR_FAC_DEVMAP, TR_DEVMAP_FAULTPAGE_CK1, 1555 "segdev_faultpage: pfnum=%lx memory=%x prot=%x flags=%x", 1556 pfnum, pf_is_memory(pfnum), prot, hat_flags); 1557 DEBUGF(9, (CE_CONT, "segdev_faultpage: pfnum %lx memory %x " 1558 "prot %x flags %x\n", pfnum, pf_is_memory(pfnum), prot, hat_flags)); 1559 1560 if (pf_is_memory(pfnum) || (dhp != NULL)) { 1561 /* 1562 * It's not _really_ required here to pass sdp->hat_flags 1563 * to hat_devload even though we do it. 1564 * This is because hat figures it out DEVMEM mappings 1565 * are non-consistent, anyway. 1566 */ 1567 hat_devload(hat, addr, PAGESIZE, pfnum, 1568 prot, hat_flags | sdp->hat_flags); 1569 return (0); 1570 } 1571 1572 /* 1573 * Fall through to the case where devmap is not used and need to call 1574 * up the device tree to set up the mapping 1575 */ 1576 1577 dip = VTOS(VTOCVP(sdp->vp))->s_dip; 1578 ASSERT(dip); 1579 1580 /* 1581 * When calling ddi_map_fault, we do not OR in sdp->hat_attr 1582 * This is because this calls drivers which may not expect 1583 * prot to have any other values than PROT_ALL 1584 * The root nexus driver has a hack to peek into the segment 1585 * structure and then OR in sdp->hat_attr. 1586 * XX In case the bus_ops interfaces are ever revisited 1587 * we need to fix this. prot should include other hat attributes 1588 */ 1589 if (ddi_map_fault(dip, hat, seg, addr, NULL, pfnum, prot & PROT_ALL, 1590 (uint_t)(type == F_SOFTLOCK)) != DDI_SUCCESS) { 1591 return (FC_MAKE_ERR(EFAULT)); 1592 } 1593 return (0); 1594 } 1595 1596 static faultcode_t 1597 segdev_fault( 1598 struct hat *hat, /* the hat */ 1599 struct seg *seg, /* the seg_dev of interest */ 1600 caddr_t addr, /* the address of the fault */ 1601 size_t len, /* the length of the range */ 1602 enum fault_type type, /* type of fault */ 1603 enum seg_rw rw) /* type of access at fault */ 1604 { 1605 struct segdev_data *sdp = (struct segdev_data *)seg->s_data; 1606 devmap_handle_t *dhp_head = (devmap_handle_t *)sdp->devmap_data; 1607 devmap_handle_t *dhp; 1608 struct devmap_softlock *slock = NULL; 1609 ulong_t slpage = 0; 1610 ulong_t off; 1611 caddr_t maddr = addr; 1612 int err; 1613 int err_is_faultcode = 0; 1614 1615 TRACE_5(TR_FAC_DEVMAP, TR_DEVMAP_FAULT, 1616 "segdev_fault: dhp_head=%p seg=%p addr=%p len=%lx type=%x", 1617 (void *)dhp_head, (void *)seg, (void *)addr, len, type); 1618 DEBUGF(7, (CE_CONT, "segdev_fault: dhp_head %p seg %p " 1619 "addr %p len %lx type %x\n", 1620 (void *)dhp_head, (void *)seg, (void *)addr, len, type)); 1621 1622 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as)); 1623 1624 /* Handle non-devmap case */ 1625 if (dhp_head == NULL) 1626 return (segdev_faultpages(hat, seg, addr, len, type, rw, NULL)); 1627 1628 /* Find devmap handle */ 1629 if ((dhp = devmap_find_handle(dhp_head, addr)) == NULL) 1630 return (FC_NOMAP); 1631 1632 /* 1633 * The seg_dev driver does not implement copy-on-write, 1634 * and always loads translations with maximal allowed permissions 1635 * but we got an fault trying to access the device. 1636 * Servicing the fault is not going to result in any better result 1637 * RFE: If we want devmap_access callbacks to be involved in F_PROT 1638 * faults, then the code below is written for that 1639 * Pending resolution of the following: 1640 * - determine if the F_INVAL/F_SOFTLOCK syncing 1641 * is needed for F_PROT also or not. The code below assumes it does 1642 * - If driver sees F_PROT and calls devmap_load with same type, 1643 * then segdev_faultpages will fail with FC_PROT anyway, need to 1644 * change that so calls from devmap_load to segdev_faultpages for 1645 * F_PROT type are retagged to F_INVAL. 1646 * RFE: Today we dont have drivers that use devmap and want to handle 1647 * F_PROT calls. The code in segdev_fault* is written to allow 1648 * this case but is not tested. A driver that needs this capability 1649 * should be able to remove the short-circuit case; resolve the 1650 * above issues and "should" work. 1651 */ 1652 if (type == F_PROT) { 1653 return (FC_PROT); 1654 } 1655 1656 /* 1657 * Loop through dhp list calling devmap_access or segdev_faultpages for 1658 * each devmap handle. 1659 * drivers which implement devmap_access can interpose on faults and do 1660 * device-appropriate special actions before calling devmap_load. 1661 */ 1662 1663 /* 1664 * Unfortunately, this simple loop has turned out to expose a variety 1665 * of complex problems which results in the following convoluted code. 1666 * 1667 * First, a desire to handle a serialization of F_SOFTLOCK calls 1668 * to the driver within the framework. 1669 * This results in a dh_softlock structure that is on a per device 1670 * (or device instance) basis and serializes devmap_access calls. 1671 * Ideally we would need to do this for underlying 1672 * memory/device regions that are being faulted on 1673 * but that is hard to identify and with REMAP, harder 1674 * Second, a desire to serialize F_INVAL(and F_PROT) calls w.r.t. 1675 * to F_SOFTLOCK calls to the driver. 1676 * These serializations are to simplify the driver programmer model. 1677 * To support these two features, the code first goes through the 1678 * devmap handles and counts the pages (slpage) that are covered 1679 * by devmap_access callbacks. 1680 * This part ends with a devmap_softlock_enter call 1681 * which allows only one F_SOFTLOCK active on a device instance, 1682 * but multiple F_INVAL/F_PROTs can be active except when a 1683 * F_SOFTLOCK is active 1684 * 1685 * Next, we dont short-circuit the fault code upfront to call 1686 * segdev_softunlock for F_SOFTUNLOCK, because we must use 1687 * the same length when we softlock and softunlock. 1688 * 1689 * -Hat layers may not support softunlocking lengths less than the 1690 * original length when there is large page support. 1691 * -kpmem locking is dependent on keeping the lengths same. 1692 * -if drivers handled F_SOFTLOCK, they probably also expect to 1693 * see an F_SOFTUNLOCK of the same length 1694 * Hence, if extending lengths during softlock, 1695 * softunlock has to make the same adjustments and goes through 1696 * the same loop calling segdev_faultpages/segdev_softunlock 1697 * But some of the synchronization and error handling is different 1698 */ 1699 1700 if (type != F_SOFTUNLOCK) { 1701 devmap_handle_t *dhpp = dhp; 1702 size_t slen = len; 1703 1704 /* 1705 * Calculate count of pages that are : 1706 * a) within the (potentially extended) fault region 1707 * b) AND covered by devmap handle with devmap_access 1708 */ 1709 off = (ulong_t)(addr - dhpp->dh_uvaddr); 1710 while (slen != 0) { 1711 size_t mlen; 1712 1713 /* 1714 * Softlocking on a region that allows remap is 1715 * unsupported due to unresolved locking issues 1716 * XXX: unclear what these are? 1717 * One potential is that if there is a pending 1718 * softlock, then a remap should not be allowed 1719 * until the unlock is done. This is easily 1720 * fixed by returning error in devmap*remap on 1721 * checking the dh->dh_softlock->softlocked value 1722 */ 1723 if ((type == F_SOFTLOCK) && 1724 (dhpp->dh_flags & DEVMAP_ALLOW_REMAP)) { 1725 return (FC_NOSUPPORT); 1726 } 1727 1728 mlen = MIN(slen, (dhpp->dh_len - off)); 1729 if (dhpp->dh_callbackops.devmap_access) { 1730 size_t llen; 1731 caddr_t laddr; 1732 /* 1733 * use extended length for large page mappings 1734 */ 1735 HOLD_DHP_LOCK(dhpp); 1736 if ((sdp->pageprot == 0) && 1737 (dhpp->dh_flags & DEVMAP_FLAG_LARGE)) { 1738 devmap_get_large_pgsize(dhpp, 1739 mlen, maddr, &llen, &laddr); 1740 } else { 1741 llen = mlen; 1742 } 1743 RELE_DHP_LOCK(dhpp); 1744 1745 slpage += btopr(llen); 1746 slock = dhpp->dh_softlock; 1747 } 1748 maddr += mlen; 1749 ASSERT(slen >= mlen); 1750 slen -= mlen; 1751 dhpp = dhpp->dh_next; 1752 off = 0; 1753 } 1754 /* 1755 * synchonize with other faulting threads and wait till safe 1756 * devmap_softlock_enter might return due to signal in cv_wait 1757 * 1758 * devmap_softlock_enter has to be called outside of while loop 1759 * to prevent a deadlock if len spans over multiple dhps. 1760 * dh_softlock is based on device instance and if multiple dhps 1761 * use the same device instance, the second dhp's LOCK call 1762 * will hang waiting on the first to complete. 1763 * devmap_setup verifies that slocks in a dhp_chain are same. 1764 * RFE: this deadlock only hold true for F_SOFTLOCK. For 1765 * F_INVAL/F_PROT, since we now allow multiple in parallel, 1766 * we could have done the softlock_enter inside the loop 1767 * and supported multi-dhp mappings with dissimilar devices 1768 */ 1769 if (err = devmap_softlock_enter(slock, slpage, type)) 1770 return (FC_MAKE_ERR(err)); 1771 } 1772 1773 /* reset 'maddr' to the start addr of the range of fault. */ 1774 maddr = addr; 1775 1776 /* calculate the offset corresponds to 'addr' in the first dhp. */ 1777 off = (ulong_t)(addr - dhp->dh_uvaddr); 1778 1779 /* 1780 * The fault length may span over multiple dhps. 1781 * Loop until the total length is satisfied. 1782 */ 1783 while (len != 0) { 1784 size_t llen; 1785 size_t mlen; 1786 caddr_t laddr; 1787 1788 /* 1789 * mlen is the smaller of 'len' and the length 1790 * from addr to the end of mapping defined by dhp. 1791 */ 1792 mlen = MIN(len, (dhp->dh_len - off)); 1793 1794 HOLD_DHP_LOCK(dhp); 1795 /* 1796 * Pass the extended length and address to devmap_access 1797 * if large pagesize is used for loading address translations. 1798 */ 1799 if ((sdp->pageprot == 0) && 1800 (dhp->dh_flags & DEVMAP_FLAG_LARGE)) { 1801 devmap_get_large_pgsize(dhp, mlen, maddr, 1802 &llen, &laddr); 1803 ASSERT(maddr == addr || laddr == maddr); 1804 } else { 1805 llen = mlen; 1806 laddr = maddr; 1807 } 1808 1809 if (dhp->dh_callbackops.devmap_access != NULL) { 1810 offset_t aoff; 1811 1812 aoff = sdp->offset + (offset_t)(laddr - seg->s_base); 1813 1814 /* 1815 * call driver's devmap_access entry point which will 1816 * call devmap_load/contextmgmt to load the translations 1817 * 1818 * We drop the dhp_lock before calling access so 1819 * drivers can call devmap_*_remap within access 1820 */ 1821 RELE_DHP_LOCK(dhp); 1822 1823 err = (*dhp->dh_callbackops.devmap_access)( 1824 dhp, (void *)dhp->dh_pvtp, aoff, llen, type, rw); 1825 } else { 1826 /* 1827 * If no devmap_access entry point, then load mappings 1828 * hold dhp_lock across faultpages if REMAP 1829 */ 1830 err = segdev_faultpages(hat, seg, laddr, llen, 1831 type, rw, dhp); 1832 err_is_faultcode = 1; 1833 RELE_DHP_LOCK(dhp); 1834 } 1835 1836 if (err) { 1837 if ((type == F_SOFTLOCK) && (maddr > addr)) { 1838 /* 1839 * If not first dhp, use 1840 * segdev_fault(F_SOFTUNLOCK) for prior dhps 1841 * While this is recursion, it is incorrect to 1842 * call just segdev_softunlock 1843 * if we are using either large pages 1844 * or devmap_access. It will be more right 1845 * to go through the same loop as above 1846 * rather than call segdev_softunlock directly 1847 * It will use the right lenghths as well as 1848 * call into the driver devmap_access routines. 1849 */ 1850 size_t done = (size_t)(maddr - addr); 1851 (void) segdev_fault(hat, seg, addr, done, 1852 F_SOFTUNLOCK, S_OTHER); 1853 /* 1854 * reduce slpage by number of pages 1855 * released by segdev_softunlock 1856 */ 1857 ASSERT(slpage >= btopr(done)); 1858 devmap_softlock_exit(slock, 1859 slpage - btopr(done), type); 1860 } else { 1861 devmap_softlock_exit(slock, slpage, type); 1862 } 1863 1864 1865 /* 1866 * Segdev_faultpages() already returns a faultcode, 1867 * hence, result from segdev_faultpages() should be 1868 * returned directly. 1869 */ 1870 if (err_is_faultcode) 1871 return (err); 1872 return (FC_MAKE_ERR(err)); 1873 } 1874 1875 maddr += mlen; 1876 ASSERT(len >= mlen); 1877 len -= mlen; 1878 dhp = dhp->dh_next; 1879 off = 0; 1880 1881 ASSERT(!dhp || len == 0 || maddr == dhp->dh_uvaddr); 1882 } 1883 /* 1884 * release the softlock count at end of fault 1885 * For F_SOFTLOCk this is done in the later F_SOFTUNLOCK 1886 */ 1887 if ((type == F_INVAL) || (type == F_PROT)) 1888 devmap_softlock_exit(slock, slpage, type); 1889 return (0); 1890 } 1891 1892 /* 1893 * segdev_faultpages 1894 * 1895 * Used to fault in seg_dev segment pages. Called by segdev_fault or devmap_load 1896 * This routine assumes that the callers makes sure that the fields 1897 * in dhp used below are not changed due to remap during this call. 1898 * Caller does HOLD_DHP_LOCK if neeed 1899 * This routine returns a faultcode_t as a return value for segdev_fault. 1900 */ 1901 static faultcode_t 1902 segdev_faultpages( 1903 struct hat *hat, /* the hat */ 1904 struct seg *seg, /* the seg_dev of interest */ 1905 caddr_t addr, /* the address of the fault */ 1906 size_t len, /* the length of the range */ 1907 enum fault_type type, /* type of fault */ 1908 enum seg_rw rw, /* type of access at fault */ 1909 devmap_handle_t *dhp) /* devmap handle */ 1910 { 1911 register struct segdev_data *sdp = (struct segdev_data *)seg->s_data; 1912 register caddr_t a; 1913 struct vpage *vpage; 1914 struct ddi_umem_cookie *kpmem_cookie = NULL; 1915 int err; 1916 1917 TRACE_4(TR_FAC_DEVMAP, TR_DEVMAP_FAULTPAGES, 1918 "segdev_faultpages: dhp=%p seg=%p addr=%p len=%lx", 1919 (void *)dhp, (void *)seg, (void *)addr, len); 1920 DEBUGF(5, (CE_CONT, "segdev_faultpages: " 1921 "dhp %p seg %p addr %p len %lx\n", 1922 (void *)dhp, (void *)seg, (void *)addr, len)); 1923 1924 /* 1925 * The seg_dev driver does not implement copy-on-write, 1926 * and always loads translations with maximal allowed permissions 1927 * but we got an fault trying to access the device. 1928 * Servicing the fault is not going to result in any better result 1929 * XXX: If we want to allow devmap_access to handle F_PROT calls, 1930 * This code should be removed and let the normal fault handling 1931 * take care of finding the error 1932 */ 1933 if (type == F_PROT) { 1934 return (FC_PROT); 1935 } 1936 1937 if (type == F_SOFTUNLOCK) { 1938 segdev_softunlock(hat, seg, addr, len, rw); 1939 return (0); 1940 } 1941 1942 /* 1943 * For kernel pageable memory, fault/lock segkp pages 1944 * We hold this until the completion of this 1945 * fault (INVAL/PROT) or till unlock (SOFTLOCK). 1946 */ 1947 if ((dhp != NULL) && dhp_is_kpmem(dhp)) { 1948 kpmem_cookie = (struct ddi_umem_cookie *)dhp->dh_cookie; 1949 if (err = acquire_kpmem_lock(kpmem_cookie, btopr(len))) 1950 return (err); 1951 } 1952 1953 /* 1954 * If we have the same protections for the entire segment, 1955 * insure that the access being attempted is legitimate. 1956 */ 1957 rw_enter(&sdp->lock, RW_READER); 1958 if (sdp->pageprot == 0) { 1959 uint_t protchk; 1960 1961 switch (rw) { 1962 case S_READ: 1963 protchk = PROT_READ; 1964 break; 1965 case S_WRITE: 1966 protchk = PROT_WRITE; 1967 break; 1968 case S_EXEC: 1969 protchk = PROT_EXEC; 1970 break; 1971 case S_OTHER: 1972 default: 1973 protchk = PROT_READ | PROT_WRITE | PROT_EXEC; 1974 break; 1975 } 1976 1977 if ((sdp->prot & protchk) == 0) { 1978 rw_exit(&sdp->lock); 1979 /* undo kpmem locking */ 1980 if (kpmem_cookie != NULL) { 1981 release_kpmem_lock(kpmem_cookie, btopr(len)); 1982 } 1983 return (FC_PROT); /* illegal access type */ 1984 } 1985 } 1986 1987 /* 1988 * we do a single hat_devload for the range if 1989 * - devmap framework (dhp is not NULL), 1990 * - pageprot == 0, i.e., no per-page protection set and 1991 * - is device pages, irrespective of whether we are using large pages 1992 */ 1993 if ((sdp->pageprot == 0) && (dhp != NULL) && dhp_is_devmem(dhp)) { 1994 pfn_t pfnum; 1995 uint_t hat_flags; 1996 1997 if (dhp->dh_flags & DEVMAP_MAPPING_INVALID) { 1998 rw_exit(&sdp->lock); 1999 return (FC_NOMAP); 2000 } 2001 2002 if (type == F_SOFTLOCK) { 2003 mutex_enter(&freemem_lock); 2004 sdp->softlockcnt += btopr(len); 2005 mutex_exit(&freemem_lock); 2006 } 2007 2008 hat_flags = ((type == F_SOFTLOCK) ? HAT_LOAD_LOCK : HAT_LOAD); 2009 pfnum = dhp->dh_pfn + btop((uintptr_t)(addr - dhp->dh_uvaddr)); 2010 ASSERT(!pf_is_memory(pfnum)); 2011 2012 hat_devload(hat, addr, len, pfnum, sdp->prot | dhp->dh_hat_attr, 2013 hat_flags | sdp->hat_flags); 2014 rw_exit(&sdp->lock); 2015 return (0); 2016 } 2017 2018 /* Handle cases where we have to loop through fault handling per-page */ 2019 2020 if (sdp->vpage == NULL) 2021 vpage = NULL; 2022 else 2023 vpage = &sdp->vpage[seg_page(seg, addr)]; 2024 2025 /* loop over the address range handling each fault */ 2026 for (a = addr; a < addr + len; a += PAGESIZE) { 2027 if (err = segdev_faultpage(hat, seg, a, vpage, type, rw, dhp)) { 2028 break; 2029 } 2030 if (vpage != NULL) 2031 vpage++; 2032 } 2033 rw_exit(&sdp->lock); 2034 if (err && (type == F_SOFTLOCK)) { /* error handling for F_SOFTLOCK */ 2035 size_t done = (size_t)(a - addr); /* pages fault successfully */ 2036 if (done > 0) { 2037 /* use softunlock for those pages */ 2038 segdev_softunlock(hat, seg, addr, done, S_OTHER); 2039 } 2040 if (kpmem_cookie != NULL) { 2041 /* release kpmem lock for rest of pages */ 2042 ASSERT(len >= done); 2043 release_kpmem_lock(kpmem_cookie, btopr(len - done)); 2044 } 2045 } else if ((kpmem_cookie != NULL) && (type != F_SOFTLOCK)) { 2046 /* for non-SOFTLOCK cases, release kpmem */ 2047 release_kpmem_lock(kpmem_cookie, btopr(len)); 2048 } 2049 return (err); 2050 } 2051 2052 /* 2053 * Asynchronous page fault. We simply do nothing since this 2054 * entry point is not supposed to load up the translation. 2055 */ 2056 /*ARGSUSED*/ 2057 static faultcode_t 2058 segdev_faulta(struct seg *seg, caddr_t addr) 2059 { 2060 TRACE_2(TR_FAC_DEVMAP, TR_DEVMAP_FAULTA, 2061 "segdev_faulta: seg=%p addr=%p", (void *)seg, (void *)addr); 2062 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as)); 2063 2064 return (0); 2065 } 2066 2067 static int 2068 segdev_setprot(struct seg *seg, caddr_t addr, size_t len, uint_t prot) 2069 { 2070 register struct segdev_data *sdp = (struct segdev_data *)seg->s_data; 2071 register devmap_handle_t *dhp; 2072 register struct vpage *vp, *evp; 2073 devmap_handle_t *dhp_head = (devmap_handle_t *)sdp->devmap_data; 2074 ulong_t off; 2075 size_t mlen, sz; 2076 2077 TRACE_4(TR_FAC_DEVMAP, TR_DEVMAP_SETPROT, 2078 "segdev_setprot:start seg=%p addr=%p len=%lx prot=%x", 2079 (void *)seg, (void *)addr, len, prot); 2080 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as)); 2081 2082 if ((sz = sdp->softlockcnt) > 0 && dhp_head != NULL) { 2083 /* 2084 * Fail the setprot if pages are SOFTLOCKed through this 2085 * mapping. 2086 * Softlockcnt is protected from change by the as read lock. 2087 */ 2088 TRACE_1(TR_FAC_DEVMAP, TR_DEVMAP_SETPROT_CK1, 2089 "segdev_setprot:error softlockcnt=%lx", sz); 2090 DEBUGF(1, (CE_CONT, "segdev_setprot: softlockcnt %ld\n", sz)); 2091 return (EAGAIN); 2092 } 2093 2094 if (dhp_head != NULL) { 2095 if ((dhp = devmap_find_handle(dhp_head, addr)) == NULL) 2096 return (EINVAL); 2097 2098 /* 2099 * check if violate maxprot. 2100 */ 2101 off = (ulong_t)(addr - dhp->dh_uvaddr); 2102 mlen = len; 2103 while (dhp) { 2104 if ((dhp->dh_maxprot & prot) != prot) 2105 return (EACCES); /* violated maxprot */ 2106 2107 if (mlen > (dhp->dh_len - off)) { 2108 mlen -= dhp->dh_len - off; 2109 dhp = dhp->dh_next; 2110 off = 0; 2111 } else 2112 break; 2113 } 2114 } else { 2115 if ((sdp->maxprot & prot) != prot) 2116 return (EACCES); 2117 } 2118 2119 rw_enter(&sdp->lock, RW_WRITER); 2120 if (addr == seg->s_base && len == seg->s_size && sdp->pageprot == 0) { 2121 if (sdp->prot == prot) { 2122 rw_exit(&sdp->lock); 2123 return (0); /* all done */ 2124 } 2125 sdp->prot = (uchar_t)prot; 2126 } else { 2127 sdp->pageprot = 1; 2128 if (sdp->vpage == NULL) { 2129 /* 2130 * First time through setting per page permissions, 2131 * initialize all the vpage structures to prot 2132 */ 2133 sdp->vpage = kmem_zalloc(vpgtob(seg_pages(seg)), 2134 KM_SLEEP); 2135 evp = &sdp->vpage[seg_pages(seg)]; 2136 for (vp = sdp->vpage; vp < evp; vp++) 2137 VPP_SETPROT(vp, sdp->prot); 2138 } 2139 /* 2140 * Now go change the needed vpages protections. 2141 */ 2142 evp = &sdp->vpage[seg_page(seg, addr + len)]; 2143 for (vp = &sdp->vpage[seg_page(seg, addr)]; vp < evp; vp++) 2144 VPP_SETPROT(vp, prot); 2145 } 2146 rw_exit(&sdp->lock); 2147 2148 if (dhp_head != NULL) { 2149 devmap_handle_t *tdhp; 2150 /* 2151 * If large page size was used in hat_devload(), 2152 * the same page size must be used in hat_unload(). 2153 */ 2154 dhp = tdhp = devmap_find_handle(dhp_head, addr); 2155 while (tdhp != NULL) { 2156 if (tdhp->dh_flags & DEVMAP_FLAG_LARGE) { 2157 break; 2158 } 2159 tdhp = tdhp->dh_next; 2160 } 2161 if (tdhp) { 2162 size_t slen = len; 2163 size_t mlen; 2164 size_t soff; 2165 2166 soff = (ulong_t)(addr - dhp->dh_uvaddr); 2167 while (slen != 0) { 2168 mlen = MIN(slen, (dhp->dh_len - soff)); 2169 hat_unload(seg->s_as->a_hat, dhp->dh_uvaddr, 2170 dhp->dh_len, HAT_UNLOAD); 2171 dhp = dhp->dh_next; 2172 ASSERT(slen >= mlen); 2173 slen -= mlen; 2174 soff = 0; 2175 } 2176 return (0); 2177 } 2178 } 2179 2180 if ((prot & ~PROT_USER) == PROT_NONE) { 2181 hat_unload(seg->s_as->a_hat, addr, len, HAT_UNLOAD); 2182 } else { 2183 /* 2184 * RFE: the segment should keep track of all attributes 2185 * allowing us to remove the deprecated hat_chgprot 2186 * and use hat_chgattr. 2187 */ 2188 hat_chgprot(seg->s_as->a_hat, addr, len, prot); 2189 } 2190 2191 return (0); 2192 } 2193 2194 static int 2195 segdev_checkprot(struct seg *seg, caddr_t addr, size_t len, uint_t prot) 2196 { 2197 struct segdev_data *sdp = (struct segdev_data *)seg->s_data; 2198 struct vpage *vp, *evp; 2199 2200 TRACE_4(TR_FAC_DEVMAP, TR_DEVMAP_CHECKPROT, 2201 "segdev_checkprot:start seg=%p addr=%p len=%lx prot=%x", 2202 (void *)seg, (void *)addr, len, prot); 2203 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as)); 2204 2205 /* 2206 * If segment protection can be used, simply check against them 2207 */ 2208 rw_enter(&sdp->lock, RW_READER); 2209 if (sdp->pageprot == 0) { 2210 register int err; 2211 2212 err = ((sdp->prot & prot) != prot) ? EACCES : 0; 2213 rw_exit(&sdp->lock); 2214 return (err); 2215 } 2216 2217 /* 2218 * Have to check down to the vpage level 2219 */ 2220 evp = &sdp->vpage[seg_page(seg, addr + len)]; 2221 for (vp = &sdp->vpage[seg_page(seg, addr)]; vp < evp; vp++) { 2222 if ((VPP_PROT(vp) & prot) != prot) { 2223 rw_exit(&sdp->lock); 2224 return (EACCES); 2225 } 2226 } 2227 rw_exit(&sdp->lock); 2228 return (0); 2229 } 2230 2231 static int 2232 segdev_getprot(struct seg *seg, caddr_t addr, size_t len, uint_t *protv) 2233 { 2234 struct segdev_data *sdp = (struct segdev_data *)seg->s_data; 2235 size_t pgno; 2236 2237 TRACE_4(TR_FAC_DEVMAP, TR_DEVMAP_GETPROT, 2238 "segdev_getprot:start seg=%p addr=%p len=%lx protv=%p", 2239 (void *)seg, (void *)addr, len, (void *)protv); 2240 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as)); 2241 2242 pgno = seg_page(seg, addr + len) - seg_page(seg, addr) + 1; 2243 if (pgno != 0) { 2244 rw_enter(&sdp->lock, RW_READER); 2245 if (sdp->pageprot == 0) { 2246 do { 2247 protv[--pgno] = sdp->prot; 2248 } while (pgno != 0); 2249 } else { 2250 size_t pgoff = seg_page(seg, addr); 2251 2252 do { 2253 pgno--; 2254 protv[pgno] = 2255 VPP_PROT(&sdp->vpage[pgno + pgoff]); 2256 } while (pgno != 0); 2257 } 2258 rw_exit(&sdp->lock); 2259 } 2260 return (0); 2261 } 2262 2263 static u_offset_t 2264 segdev_getoffset(register struct seg *seg, caddr_t addr) 2265 { 2266 register struct segdev_data *sdp = (struct segdev_data *)seg->s_data; 2267 2268 TRACE_2(TR_FAC_DEVMAP, TR_DEVMAP_GETOFFSET, 2269 "segdev_getoffset:start seg=%p addr=%p", (void *)seg, (void *)addr); 2270 2271 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as)); 2272 2273 return ((u_offset_t)sdp->offset + (addr - seg->s_base)); 2274 } 2275 2276 /*ARGSUSED*/ 2277 static int 2278 segdev_gettype(register struct seg *seg, caddr_t addr) 2279 { 2280 register struct segdev_data *sdp = (struct segdev_data *)seg->s_data; 2281 2282 TRACE_2(TR_FAC_DEVMAP, TR_DEVMAP_GETTYPE, 2283 "segdev_gettype:start seg=%p addr=%p", (void *)seg, (void *)addr); 2284 2285 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as)); 2286 2287 return (sdp->type); 2288 } 2289 2290 2291 /*ARGSUSED*/ 2292 static int 2293 segdev_getvp(register struct seg *seg, caddr_t addr, struct vnode **vpp) 2294 { 2295 register struct segdev_data *sdp = (struct segdev_data *)seg->s_data; 2296 2297 TRACE_2(TR_FAC_DEVMAP, TR_DEVMAP_GETVP, 2298 "segdev_getvp:start seg=%p addr=%p", (void *)seg, (void *)addr); 2299 2300 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as)); 2301 2302 /* 2303 * Note that this vp is the common_vp of the device, where the 2304 * pages are hung .. 2305 */ 2306 *vpp = VTOCVP(sdp->vp); 2307 2308 return (0); 2309 } 2310 2311 static void 2312 segdev_badop(void) 2313 { 2314 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_SEGDEV_BADOP, 2315 "segdev_badop:start"); 2316 panic("segdev_badop"); 2317 /*NOTREACHED*/ 2318 } 2319 2320 /* 2321 * segdev pages are not in the cache, and thus can't really be controlled. 2322 * Hence, syncs are simply always successful. 2323 */ 2324 /*ARGSUSED*/ 2325 static int 2326 segdev_sync(struct seg *seg, caddr_t addr, size_t len, int attr, uint_t flags) 2327 { 2328 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_SYNC, "segdev_sync:start"); 2329 2330 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as)); 2331 2332 return (0); 2333 } 2334 2335 /* 2336 * segdev pages are always "in core". 2337 */ 2338 /*ARGSUSED*/ 2339 static size_t 2340 segdev_incore(struct seg *seg, caddr_t addr, size_t len, char *vec) 2341 { 2342 size_t v = 0; 2343 2344 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_INCORE, "segdev_incore:start"); 2345 2346 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as)); 2347 2348 for (len = (len + PAGEOFFSET) & PAGEMASK; len; len -= PAGESIZE, 2349 v += PAGESIZE) 2350 *vec++ = 1; 2351 return (v); 2352 } 2353 2354 /* 2355 * segdev pages are not in the cache, and thus can't really be controlled. 2356 * Hence, locks are simply always successful. 2357 */ 2358 /*ARGSUSED*/ 2359 static int 2360 segdev_lockop(struct seg *seg, caddr_t addr, 2361 size_t len, int attr, int op, ulong_t *lockmap, size_t pos) 2362 { 2363 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_LOCKOP, "segdev_lockop:start"); 2364 2365 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as)); 2366 2367 return (0); 2368 } 2369 2370 /* 2371 * segdev pages are not in the cache, and thus can't really be controlled. 2372 * Hence, advise is simply always successful. 2373 */ 2374 /*ARGSUSED*/ 2375 static int 2376 segdev_advise(struct seg *seg, caddr_t addr, size_t len, uint_t behav) 2377 { 2378 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_ADVISE, "segdev_advise:start"); 2379 2380 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as)); 2381 2382 return (0); 2383 } 2384 2385 /* 2386 * segdev pages are not dumped, so we just return 2387 */ 2388 static void 2389 segdev_dump(struct seg *seg __unused) 2390 { 2391 } 2392 2393 /* 2394 * ddi_segmap_setup: Used by drivers who wish specify mapping attributes 2395 * for a segment. Called from a drivers segmap(9E) 2396 * routine. 2397 */ 2398 /*ARGSUSED*/ 2399 int 2400 ddi_segmap_setup(dev_t dev, off_t offset, struct as *as, caddr_t *addrp, 2401 off_t len, uint_t prot, uint_t maxprot, uint_t flags, cred_t *cred, 2402 const ddi_device_acc_attr_t *accattrp, uint_t rnumber) 2403 { 2404 struct segdev_crargs dev_a; 2405 int (*mapfunc)(dev_t dev, off_t off, int prot); 2406 uint_t hat_attr; 2407 pfn_t pfn; 2408 int error, i; 2409 2410 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_SEGMAP_SETUP, 2411 "ddi_segmap_setup:start"); 2412 2413 if ((mapfunc = devopsp[getmajor(dev)]->devo_cb_ops->cb_mmap) == nodev) 2414 return (ENODEV); 2415 2416 /* 2417 * Character devices that support the d_mmap 2418 * interface can only be mmap'ed shared. 2419 */ 2420 if ((flags & MAP_TYPE) != MAP_SHARED) 2421 return (EINVAL); 2422 2423 /* 2424 * Check that this region is indeed mappable on this platform. 2425 * Use the mapping function. 2426 */ 2427 if (ddi_device_mapping_check(dev, accattrp, rnumber, &hat_attr) == -1) 2428 return (ENXIO); 2429 2430 if (len == 0) 2431 return (ENXIO); 2432 2433 /* 2434 * Check to ensure that the entire range is 2435 * legal and we are not trying to map in 2436 * more than the device will let us. 2437 */ 2438 /* 2439 * Save the pfn at offset here. This pfn will be 2440 * used later to get user address. 2441 */ 2442 pfn = (pfn_t)cdev_mmap(mapfunc, dev, offset, maxprot); 2443 if (pfn == PFN_INVALID) 2444 return (ENXIO); 2445 2446 for (i = PAGESIZE; i < len; i += PAGESIZE) { 2447 if (cdev_mmap(mapfunc, dev, offset + i, maxprot) == PFN_INVALID) 2448 return (ENXIO); 2449 } 2450 2451 as_rangelock(as); 2452 /* Pick an address w/o worrying about any vac alignment constraints. */ 2453 error = choose_addr(as, addrp, len, ptob(pfn), ADDR_NOVACALIGN, flags); 2454 if (error != 0) { 2455 as_rangeunlock(as); 2456 return (error); 2457 } 2458 2459 dev_a.mapfunc = mapfunc; 2460 dev_a.dev = dev; 2461 dev_a.offset = (offset_t)offset; 2462 dev_a.type = flags & MAP_TYPE; 2463 dev_a.prot = (uchar_t)prot; 2464 dev_a.maxprot = (uchar_t)maxprot; 2465 dev_a.hat_attr = hat_attr; 2466 dev_a.hat_flags = 0; 2467 dev_a.devmap_data = NULL; 2468 2469 error = as_map(as, *addrp, len, segdev_create, &dev_a); 2470 as_rangeunlock(as); 2471 return (error); 2472 2473 } 2474 2475 /*ARGSUSED*/ 2476 static int 2477 segdev_pagelock(struct seg *seg, caddr_t addr, size_t len, 2478 struct page ***ppp, enum lock_type type, enum seg_rw rw) 2479 { 2480 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_PAGELOCK, 2481 "segdev_pagelock:start"); 2482 return (ENOTSUP); 2483 } 2484 2485 /*ARGSUSED*/ 2486 static int 2487 segdev_setpagesize(struct seg *seg, caddr_t addr, size_t len, 2488 uint_t szc) 2489 { 2490 return (ENOTSUP); 2491 } 2492 2493 /* 2494 * devmap_device: Used by devmap framework to establish mapping 2495 * called by devmap_seup(9F) during map setup time. 2496 */ 2497 /*ARGSUSED*/ 2498 static int 2499 devmap_device(devmap_handle_t *dhp, struct as *as, caddr_t *addr, 2500 offset_t off, size_t len, uint_t flags) 2501 { 2502 devmap_handle_t *rdhp, *maxdhp; 2503 struct segdev_crargs dev_a; 2504 int err; 2505 uint_t maxprot = PROT_ALL; 2506 offset_t offset = 0; 2507 pfn_t pfn; 2508 struct devmap_pmem_cookie *pcp; 2509 2510 TRACE_4(TR_FAC_DEVMAP, TR_DEVMAP_DEVICE, 2511 "devmap_device:start dhp=%p addr=%p off=%llx, len=%lx", 2512 (void *)dhp, (void *)addr, off, len); 2513 2514 DEBUGF(2, (CE_CONT, "devmap_device: dhp %p addr %p off %llx len %lx\n", 2515 (void *)dhp, (void *)addr, off, len)); 2516 2517 as_rangelock(as); 2518 if ((flags & MAP_FIXED) == 0) { 2519 offset_t aligned_off; 2520 2521 rdhp = maxdhp = dhp; 2522 while (rdhp != NULL) { 2523 maxdhp = (maxdhp->dh_len > rdhp->dh_len) ? 2524 maxdhp : rdhp; 2525 rdhp = rdhp->dh_next; 2526 maxprot |= dhp->dh_maxprot; 2527 } 2528 offset = maxdhp->dh_uoff - dhp->dh_uoff; 2529 2530 /* 2531 * Use the dhp that has the 2532 * largest len to get user address. 2533 */ 2534 /* 2535 * If MAPPING_INVALID, cannot use dh_pfn/dh_cvaddr, 2536 * use 0 which is as good as any other. 2537 */ 2538 if (maxdhp->dh_flags & DEVMAP_MAPPING_INVALID) { 2539 aligned_off = (offset_t)0; 2540 } else if (dhp_is_devmem(maxdhp)) { 2541 aligned_off = (offset_t)ptob(maxdhp->dh_pfn) - offset; 2542 } else if (dhp_is_pmem(maxdhp)) { 2543 pcp = (struct devmap_pmem_cookie *)maxdhp->dh_pcookie; 2544 pfn = page_pptonum( 2545 pcp->dp_pparray[btop(maxdhp->dh_roff)]); 2546 aligned_off = (offset_t)ptob(pfn) - offset; 2547 } else { 2548 aligned_off = (offset_t)(uintptr_t)maxdhp->dh_cvaddr - 2549 offset; 2550 } 2551 2552 /* 2553 * Pick an address aligned to dh_cookie. 2554 * for kernel memory/user memory, cookie is cvaddr. 2555 * for device memory, cookie is physical address. 2556 */ 2557 map_addr(addr, len, aligned_off, 1, flags); 2558 if (*addr == NULL) { 2559 as_rangeunlock(as); 2560 return (ENOMEM); 2561 } 2562 } else { 2563 /* 2564 * User-specified address; blow away any previous mappings. 2565 */ 2566 (void) as_unmap(as, *addr, len); 2567 } 2568 2569 dev_a.mapfunc = NULL; 2570 dev_a.dev = dhp->dh_dev; 2571 dev_a.type = flags & MAP_TYPE; 2572 dev_a.offset = off; 2573 /* 2574 * sdp->maxprot has the least restrict protection of all dhps. 2575 */ 2576 dev_a.maxprot = maxprot; 2577 dev_a.prot = dhp->dh_prot; 2578 /* 2579 * devmap uses dhp->dh_hat_attr for hat. 2580 */ 2581 dev_a.hat_flags = 0; 2582 dev_a.hat_attr = 0; 2583 dev_a.devmap_data = (void *)dhp; 2584 2585 err = as_map(as, *addr, len, segdev_create, &dev_a); 2586 as_rangeunlock(as); 2587 return (err); 2588 } 2589 2590 int 2591 devmap_do_ctxmgt(devmap_cookie_t dhc, void *pvtp, offset_t off, size_t len, 2592 uint_t type, uint_t rw, int (*ctxmgt)(devmap_cookie_t, void *, offset_t, 2593 size_t, uint_t, uint_t)) 2594 { 2595 register devmap_handle_t *dhp = (devmap_handle_t *)dhc; 2596 struct devmap_ctx *devctx; 2597 int do_timeout = 0; 2598 int ret; 2599 2600 #ifdef lint 2601 pvtp = pvtp; 2602 #endif 2603 2604 TRACE_3(TR_FAC_DEVMAP, TR_DEVMAP_DO_CTXMGT, 2605 "devmap_do_ctxmgt:start dhp=%p off=%llx, len=%lx", 2606 (void *)dhp, off, len); 2607 DEBUGF(7, (CE_CONT, "devmap_do_ctxmgt: dhp %p off %llx len %lx\n", 2608 (void *)dhp, off, len)); 2609 2610 if (ctxmgt == NULL) 2611 return (FC_HWERR); 2612 2613 devctx = dhp->dh_ctx; 2614 2615 /* 2616 * If we are on an MP system with more than one cpu running 2617 * and if a thread on some CPU already has the context, wait 2618 * for it to finish if there is a hysteresis timeout. 2619 * 2620 * We call cv_wait() instead of cv_wait_sig() because 2621 * it does not matter much if it returned due to a signal 2622 * or due to a cv_signal() or cv_broadcast(). In either event 2623 * we need to complete the mapping otherwise the processes 2624 * will die with a SEGV. 2625 */ 2626 if ((dhp->dh_timeout_length > 0) && (ncpus > 1)) { 2627 TRACE_2(TR_FAC_DEVMAP, TR_DEVMAP_DO_CTXMGT_CK1, 2628 "devmap_do_ctxmgt:doing hysteresis, devctl %p dhp %p", 2629 devctx, dhp); 2630 do_timeout = 1; 2631 mutex_enter(&devctx->lock); 2632 while (devctx->oncpu) 2633 cv_wait(&devctx->cv, &devctx->lock); 2634 devctx->oncpu = 1; 2635 mutex_exit(&devctx->lock); 2636 } 2637 2638 /* 2639 * Call the contextmgt callback so that the driver can handle 2640 * the fault. 2641 */ 2642 ret = (*ctxmgt)(dhp, dhp->dh_pvtp, off, len, type, rw); 2643 2644 /* 2645 * If devmap_access() returned -1, then there was a hardware 2646 * error so we need to convert the return value to something 2647 * that trap() will understand. Otherwise, the return value 2648 * is already a fault code generated by devmap_unload() 2649 * or devmap_load(). 2650 */ 2651 if (ret) { 2652 TRACE_3(TR_FAC_DEVMAP, TR_DEVMAP_DO_CTXMGT_CK2, 2653 "devmap_do_ctxmgt: ret=%x dhp=%p devctx=%p", 2654 ret, dhp, devctx); 2655 DEBUGF(1, (CE_CONT, "devmap_do_ctxmgt: ret %x dhp %p\n", 2656 ret, (void *)dhp)); 2657 if (devctx->oncpu) { 2658 mutex_enter(&devctx->lock); 2659 devctx->oncpu = 0; 2660 cv_signal(&devctx->cv); 2661 mutex_exit(&devctx->lock); 2662 } 2663 return (FC_HWERR); 2664 } 2665 2666 /* 2667 * Setup the timeout if we need to 2668 */ 2669 if (do_timeout) { 2670 mutex_enter(&devctx->lock); 2671 if (dhp->dh_timeout_length > 0) { 2672 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_DO_CTXMGT_CK3, 2673 "devmap_do_ctxmgt:timeout set"); 2674 devctx->timeout = timeout(devmap_ctxto, 2675 devctx, dhp->dh_timeout_length); 2676 } else { 2677 /* 2678 * We don't want to wait so set oncpu to 2679 * 0 and wake up anyone waiting. 2680 */ 2681 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_DO_CTXMGT_CK4, 2682 "devmap_do_ctxmgt:timeout not set"); 2683 devctx->oncpu = 0; 2684 cv_signal(&devctx->cv); 2685 } 2686 mutex_exit(&devctx->lock); 2687 } 2688 2689 return (DDI_SUCCESS); 2690 } 2691 2692 /* 2693 * end of mapping 2694 * poff fault_offset | 2695 * base | | | 2696 * | | | | 2697 * V V V V 2698 * +-----------+---------------+-------+---------+-------+ 2699 * ^ ^ ^ ^ 2700 * |<--- offset--->|<-len->| | 2701 * |<--- dh_len(size of mapping) --->| 2702 * |<-- pg -->| 2703 * -->|rlen|<-- 2704 */ 2705 static ulong_t 2706 devmap_roundup(devmap_handle_t *dhp, ulong_t offset, size_t len, 2707 ulong_t *opfn, ulong_t *pagesize) 2708 { 2709 register int level; 2710 ulong_t pg; 2711 ulong_t poff; 2712 ulong_t base; 2713 caddr_t uvaddr; 2714 long rlen; 2715 2716 TRACE_3(TR_FAC_DEVMAP, TR_DEVMAP_ROUNDUP, 2717 "devmap_roundup:start dhp=%p off=%lx len=%lx", 2718 (void *)dhp, offset, len); 2719 DEBUGF(2, (CE_CONT, "devmap_roundup: dhp %p off %lx len %lx\n", 2720 (void *)dhp, offset, len)); 2721 2722 /* 2723 * get the max. pagesize that is aligned within the range 2724 * <dh_pfn, dh_pfn+offset>. 2725 * 2726 * The calculations below use physical address to ddetermine 2727 * the page size to use. The same calculations can use the 2728 * virtual address to determine the page size. 2729 */ 2730 pg = 0; 2731 poff = 0; 2732 base = (ulong_t)ptob(dhp->dh_pfn); 2733 for (level = dhp->dh_mmulevel; level >= 0; level--) { 2734 pg = page_get_pagesize(level); 2735 poff = ((base + offset) & ~(pg - 1)); 2736 uvaddr = dhp->dh_uvaddr + (poff - base); 2737 if ((poff >= base) && 2738 ((poff + pg) <= (base + dhp->dh_len)) && 2739 VA_PA_ALIGNED((uintptr_t)uvaddr, poff, pg)) 2740 break; 2741 } 2742 2743 TRACE_3(TR_FAC_DEVMAP, TR_DEVMAP_ROUNDUP_CK1, 2744 "devmap_roundup: base=%lx poff=%lx dhp=%p", 2745 base, poff, dhp); 2746 DEBUGF(2, (CE_CONT, "devmap_roundup: base %lx poff %lx pfn %lx\n", 2747 base, poff, dhp->dh_pfn)); 2748 2749 ASSERT(VA_PA_ALIGNED((uintptr_t)uvaddr, poff, pg)); 2750 ASSERT(level >= 0); 2751 2752 *pagesize = pg; 2753 *opfn = dhp->dh_pfn + btop(poff - base); 2754 2755 rlen = len + offset - (poff - base + pg); 2756 2757 ASSERT(rlen < (long)len); 2758 2759 TRACE_5(TR_FAC_DEVMAP, TR_DEVMAP_ROUNDUP_CK2, 2760 "devmap_roundup:ret dhp=%p level=%x rlen=%lx psiz=%p opfn=%p", 2761 (void *)dhp, level, rlen, pagesize, opfn); 2762 DEBUGF(1, (CE_CONT, "devmap_roundup: dhp %p " 2763 "level %x rlen %lx psize %lx opfn %lx\n", 2764 (void *)dhp, level, rlen, *pagesize, *opfn)); 2765 2766 return ((ulong_t)((rlen > 0) ? rlen : 0)); 2767 } 2768 2769 /* 2770 * find the dhp that contains addr. 2771 */ 2772 static devmap_handle_t * 2773 devmap_find_handle(devmap_handle_t *dhp_head, caddr_t addr) 2774 { 2775 devmap_handle_t *dhp; 2776 2777 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_FIND_HANDLE, 2778 "devmap_find_handle:start"); 2779 2780 dhp = dhp_head; 2781 while (dhp) { 2782 if (addr >= dhp->dh_uvaddr && 2783 addr < (dhp->dh_uvaddr + dhp->dh_len)) 2784 return (dhp); 2785 dhp = dhp->dh_next; 2786 } 2787 2788 return ((devmap_handle_t *)NULL); 2789 } 2790 2791 /* 2792 * devmap_unload: 2793 * Marks a segdev segment or pages if offset->offset+len 2794 * is not the entire segment as intercept and unloads the 2795 * pages in the range offset -> offset+len. 2796 */ 2797 int 2798 devmap_unload(devmap_cookie_t dhc, offset_t offset, size_t len) 2799 { 2800 register devmap_handle_t *dhp = (devmap_handle_t *)dhc; 2801 caddr_t addr; 2802 ulong_t size; 2803 ssize_t soff; 2804 2805 TRACE_3(TR_FAC_DEVMAP, TR_DEVMAP_UNLOAD, 2806 "devmap_unload:start dhp=%p offset=%llx len=%lx", 2807 (void *)dhp, offset, len); 2808 DEBUGF(7, (CE_CONT, "devmap_unload: dhp %p offset %llx len %lx\n", 2809 (void *)dhp, offset, len)); 2810 2811 soff = (ssize_t)(offset - dhp->dh_uoff); 2812 soff = round_down_p2(soff, PAGESIZE); 2813 if (soff < 0 || soff >= dhp->dh_len) 2814 return (FC_MAKE_ERR(EINVAL)); 2815 2816 /* 2817 * Address and size must be page aligned. Len is set to the 2818 * number of bytes in the number of pages that are required to 2819 * support len. Offset is set to the byte offset of the first byte 2820 * of the page that contains offset. 2821 */ 2822 len = round_up_p2(len, PAGESIZE); 2823 2824 /* 2825 * If len is == 0, then calculate the size by getting 2826 * the number of bytes from offset to the end of the segment. 2827 */ 2828 if (len == 0) 2829 size = dhp->dh_len - soff; 2830 else { 2831 size = len; 2832 if ((soff + size) > dhp->dh_len) 2833 return (FC_MAKE_ERR(EINVAL)); 2834 } 2835 2836 /* 2837 * The address is offset bytes from the base address of 2838 * the dhp. 2839 */ 2840 addr = (caddr_t)(soff + dhp->dh_uvaddr); 2841 2842 /* 2843 * If large page size was used in hat_devload(), 2844 * the same page size must be used in hat_unload(). 2845 */ 2846 if (dhp->dh_flags & DEVMAP_FLAG_LARGE) { 2847 hat_unload(dhp->dh_seg->s_as->a_hat, dhp->dh_uvaddr, 2848 dhp->dh_len, HAT_UNLOAD|HAT_UNLOAD_OTHER); 2849 } else { 2850 hat_unload(dhp->dh_seg->s_as->a_hat, addr, size, 2851 HAT_UNLOAD|HAT_UNLOAD_OTHER); 2852 } 2853 2854 return (0); 2855 } 2856 2857 /* 2858 * calculates the optimal page size that will be used for hat_devload(). 2859 */ 2860 static void 2861 devmap_get_large_pgsize(devmap_handle_t *dhp, size_t len, caddr_t addr, 2862 size_t *llen, caddr_t *laddr) 2863 { 2864 ulong_t off; 2865 ulong_t pfn; 2866 ulong_t pgsize; 2867 uint_t first = 1; 2868 2869 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_GET_LARGE_PGSIZE, 2870 "devmap_get_large_pgsize:start"); 2871 2872 /* 2873 * RFE - Code only supports large page mappings for devmem 2874 * This code could be changed in future if we want to support 2875 * large page mappings for kernel exported memory. 2876 */ 2877 ASSERT(dhp_is_devmem(dhp)); 2878 ASSERT(!(dhp->dh_flags & DEVMAP_MAPPING_INVALID)); 2879 2880 *llen = 0; 2881 off = (ulong_t)(addr - dhp->dh_uvaddr); 2882 while ((long)len > 0) { 2883 /* 2884 * get the optimal pfn to minimize address translations. 2885 * devmap_roundup() returns residue bytes for next round 2886 * calculations. 2887 */ 2888 len = devmap_roundup(dhp, off, len, &pfn, &pgsize); 2889 2890 if (first) { 2891 *laddr = dhp->dh_uvaddr + ptob(pfn - dhp->dh_pfn); 2892 first = 0; 2893 } 2894 2895 *llen += pgsize; 2896 off = ptob(pfn - dhp->dh_pfn) + pgsize; 2897 } 2898 /* Large page mapping len/addr cover more range than original fault */ 2899 ASSERT(*llen >= len && *laddr <= addr); 2900 ASSERT((*laddr + *llen) >= (addr + len)); 2901 } 2902 2903 /* 2904 * Initialize the devmap_softlock structure. 2905 */ 2906 static struct devmap_softlock * 2907 devmap_softlock_init(dev_t dev, ulong_t id) 2908 { 2909 struct devmap_softlock *slock; 2910 struct devmap_softlock *tmp; 2911 2912 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_SOFTLOCK_INIT, 2913 "devmap_softlock_init:start"); 2914 2915 tmp = kmem_zalloc(sizeof (struct devmap_softlock), KM_SLEEP); 2916 mutex_enter(&devmap_slock); 2917 2918 for (slock = devmap_slist; slock != NULL; slock = slock->next) 2919 if ((slock->dev == dev) && (slock->id == id)) 2920 break; 2921 2922 if (slock == NULL) { 2923 slock = tmp; 2924 slock->dev = dev; 2925 slock->id = id; 2926 mutex_init(&slock->lock, NULL, MUTEX_DEFAULT, NULL); 2927 cv_init(&slock->cv, NULL, CV_DEFAULT, NULL); 2928 slock->next = devmap_slist; 2929 devmap_slist = slock; 2930 } else 2931 kmem_free(tmp, sizeof (struct devmap_softlock)); 2932 2933 mutex_enter(&slock->lock); 2934 slock->refcnt++; 2935 mutex_exit(&slock->lock); 2936 mutex_exit(&devmap_slock); 2937 2938 return (slock); 2939 } 2940 2941 /* 2942 * Wake up processes that sleep on softlocked. 2943 * Free dh_softlock if refcnt is 0. 2944 */ 2945 static void 2946 devmap_softlock_rele(devmap_handle_t *dhp) 2947 { 2948 struct devmap_softlock *slock = dhp->dh_softlock; 2949 struct devmap_softlock *tmp; 2950 struct devmap_softlock *parent; 2951 2952 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_SOFTLOCK_RELE, 2953 "devmap_softlock_rele:start"); 2954 2955 mutex_enter(&devmap_slock); 2956 mutex_enter(&slock->lock); 2957 2958 ASSERT(slock->refcnt > 0); 2959 2960 slock->refcnt--; 2961 2962 /* 2963 * If no one is using the device, free up the slock data. 2964 */ 2965 if (slock->refcnt == 0) { 2966 slock->softlocked = 0; 2967 cv_signal(&slock->cv); 2968 2969 if (devmap_slist == slock) 2970 devmap_slist = slock->next; 2971 else { 2972 parent = devmap_slist; 2973 for (tmp = devmap_slist->next; tmp != NULL; 2974 tmp = tmp->next) { 2975 if (tmp == slock) { 2976 parent->next = tmp->next; 2977 break; 2978 } 2979 parent = tmp; 2980 } 2981 } 2982 mutex_exit(&slock->lock); 2983 mutex_destroy(&slock->lock); 2984 cv_destroy(&slock->cv); 2985 kmem_free(slock, sizeof (struct devmap_softlock)); 2986 } else 2987 mutex_exit(&slock->lock); 2988 2989 mutex_exit(&devmap_slock); 2990 } 2991 2992 /* 2993 * Wake up processes that sleep on dh_ctx->locked. 2994 * Free dh_ctx if refcnt is 0. 2995 */ 2996 static void 2997 devmap_ctx_rele(devmap_handle_t *dhp) 2998 { 2999 struct devmap_ctx *devctx = dhp->dh_ctx; 3000 struct devmap_ctx *tmp; 3001 struct devmap_ctx *parent; 3002 timeout_id_t tid; 3003 3004 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_CTX_RELE, 3005 "devmap_ctx_rele:start"); 3006 3007 mutex_enter(&devmapctx_lock); 3008 mutex_enter(&devctx->lock); 3009 3010 ASSERT(devctx->refcnt > 0); 3011 3012 devctx->refcnt--; 3013 3014 /* 3015 * If no one is using the device, free up the devctx data. 3016 */ 3017 if (devctx->refcnt == 0) { 3018 /* 3019 * Untimeout any threads using this mapping as they are about 3020 * to go away. 3021 */ 3022 if (devctx->timeout != 0) { 3023 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_CTX_RELE_CK1, 3024 "devmap_ctx_rele:untimeout ctx->timeout"); 3025 3026 tid = devctx->timeout; 3027 mutex_exit(&devctx->lock); 3028 (void) untimeout(tid); 3029 mutex_enter(&devctx->lock); 3030 } 3031 3032 devctx->oncpu = 0; 3033 cv_signal(&devctx->cv); 3034 3035 if (devmapctx_list == devctx) 3036 devmapctx_list = devctx->next; 3037 else { 3038 parent = devmapctx_list; 3039 for (tmp = devmapctx_list->next; tmp != NULL; 3040 tmp = tmp->next) { 3041 if (tmp == devctx) { 3042 parent->next = tmp->next; 3043 break; 3044 } 3045 parent = tmp; 3046 } 3047 } 3048 mutex_exit(&devctx->lock); 3049 mutex_destroy(&devctx->lock); 3050 cv_destroy(&devctx->cv); 3051 kmem_free(devctx, sizeof (struct devmap_ctx)); 3052 } else 3053 mutex_exit(&devctx->lock); 3054 3055 mutex_exit(&devmapctx_lock); 3056 } 3057 3058 /* 3059 * devmap_load: 3060 * Marks a segdev segment or pages if offset->offset+len 3061 * is not the entire segment as nointercept and faults in 3062 * the pages in the range offset -> offset+len. 3063 */ 3064 int 3065 devmap_load(devmap_cookie_t dhc, offset_t offset, size_t len, uint_t type, 3066 uint_t rw) 3067 { 3068 devmap_handle_t *dhp = (devmap_handle_t *)dhc; 3069 struct as *asp = dhp->dh_seg->s_as; 3070 caddr_t addr; 3071 ulong_t size; 3072 ssize_t soff; /* offset from the beginning of the segment */ 3073 int rc; 3074 3075 TRACE_3(TR_FAC_DEVMAP, TR_DEVMAP_LOAD, 3076 "devmap_load:start dhp=%p offset=%llx len=%lx", 3077 (void *)dhp, offset, len); 3078 3079 DEBUGF(7, (CE_CONT, "devmap_load: dhp %p offset %llx len %lx\n", 3080 (void *)dhp, offset, len)); 3081 3082 /* 3083 * Hat layer only supports devload to process' context for which 3084 * the as lock is held. Verify here and return error if drivers 3085 * inadvertently call devmap_load on a wrong devmap handle. 3086 */ 3087 if ((asp != &kas) && !AS_LOCK_HELD(asp)) 3088 return (FC_MAKE_ERR(EINVAL)); 3089 3090 soff = (ssize_t)(offset - dhp->dh_uoff); 3091 soff = round_down_p2(soff, PAGESIZE); 3092 if (soff < 0 || soff >= dhp->dh_len) 3093 return (FC_MAKE_ERR(EINVAL)); 3094 3095 /* 3096 * Address and size must be page aligned. Len is set to the 3097 * number of bytes in the number of pages that are required to 3098 * support len. Offset is set to the byte offset of the first byte 3099 * of the page that contains offset. 3100 */ 3101 len = round_up_p2(len, PAGESIZE); 3102 3103 /* 3104 * If len == 0, then calculate the size by getting 3105 * the number of bytes from offset to the end of the segment. 3106 */ 3107 if (len == 0) 3108 size = dhp->dh_len - soff; 3109 else { 3110 size = len; 3111 if ((soff + size) > dhp->dh_len) 3112 return (FC_MAKE_ERR(EINVAL)); 3113 } 3114 3115 /* 3116 * The address is offset bytes from the base address of 3117 * the segment. 3118 */ 3119 addr = (caddr_t)(soff + dhp->dh_uvaddr); 3120 3121 HOLD_DHP_LOCK(dhp); 3122 rc = segdev_faultpages(asp->a_hat, 3123 dhp->dh_seg, addr, size, type, rw, dhp); 3124 RELE_DHP_LOCK(dhp); 3125 return (rc); 3126 } 3127 3128 int 3129 devmap_setup(dev_t dev, offset_t off, struct as *as, caddr_t *addrp, 3130 size_t len, uint_t prot, uint_t maxprot, uint_t flags, struct cred *cred) 3131 { 3132 register devmap_handle_t *dhp; 3133 int (*devmap)(dev_t, devmap_cookie_t, offset_t, size_t, 3134 size_t *, uint_t); 3135 int (*mmap)(dev_t, off_t, int); 3136 struct devmap_callback_ctl *callbackops; 3137 devmap_handle_t *dhp_head = NULL; 3138 devmap_handle_t *dhp_prev = NULL; 3139 devmap_handle_t *dhp_curr; 3140 caddr_t addr; 3141 int map_flag; 3142 int ret; 3143 ulong_t total_len; 3144 size_t map_len; 3145 size_t resid_len = len; 3146 offset_t map_off = off; 3147 struct devmap_softlock *slock = NULL; 3148 3149 #ifdef lint 3150 cred = cred; 3151 #endif 3152 3153 TRACE_2(TR_FAC_DEVMAP, TR_DEVMAP_SETUP, 3154 "devmap_setup:start off=%llx len=%lx", off, len); 3155 DEBUGF(3, (CE_CONT, "devmap_setup: off %llx len %lx\n", 3156 off, len)); 3157 3158 devmap = devopsp[getmajor(dev)]->devo_cb_ops->cb_devmap; 3159 mmap = devopsp[getmajor(dev)]->devo_cb_ops->cb_mmap; 3160 3161 /* 3162 * driver must provide devmap(9E) entry point in cb_ops to use the 3163 * devmap framework. 3164 */ 3165 if (devmap == NULL || devmap == nulldev || devmap == nodev) 3166 return (EINVAL); 3167 3168 /* 3169 * To protect from an inadvertent entry because the devmap entry point 3170 * is not NULL, return error if D_DEVMAP bit is not set in cb_flag and 3171 * mmap is NULL. 3172 */ 3173 map_flag = devopsp[getmajor(dev)]->devo_cb_ops->cb_flag; 3174 if ((map_flag & D_DEVMAP) == 0 && (mmap == NULL || mmap == nulldev)) 3175 return (EINVAL); 3176 3177 /* 3178 * devmap allows mmap(2) to map multiple registers. 3179 * one devmap_handle is created for each register mapped. 3180 */ 3181 for (total_len = 0; total_len < len; total_len += map_len) { 3182 dhp = kmem_zalloc(sizeof (devmap_handle_t), KM_SLEEP); 3183 3184 if (dhp_prev != NULL) 3185 dhp_prev->dh_next = dhp; 3186 else 3187 dhp_head = dhp; 3188 dhp_prev = dhp; 3189 3190 dhp->dh_prot = prot; 3191 dhp->dh_orig_maxprot = dhp->dh_maxprot = maxprot; 3192 dhp->dh_dev = dev; 3193 dhp->dh_timeout_length = CTX_TIMEOUT_VALUE; 3194 dhp->dh_uoff = map_off; 3195 3196 /* 3197 * Get mapping specific info from 3198 * the driver, such as rnumber, roff, len, callbackops, 3199 * accattrp and, if the mapping is for kernel memory, 3200 * ddi_umem_cookie. 3201 */ 3202 if ((ret = cdev_devmap(dev, dhp, map_off, 3203 resid_len, &map_len, get_udatamodel())) != 0) { 3204 free_devmap_handle(dhp_head); 3205 return (ENXIO); 3206 } 3207 3208 if (map_len & PAGEOFFSET) { 3209 free_devmap_handle(dhp_head); 3210 return (EINVAL); 3211 } 3212 3213 callbackops = &dhp->dh_callbackops; 3214 3215 if ((callbackops->devmap_access == NULL) || 3216 (callbackops->devmap_access == nulldev) || 3217 (callbackops->devmap_access == nodev)) { 3218 /* 3219 * Normally devmap does not support MAP_PRIVATE unless 3220 * the drivers provide a valid devmap_access routine. 3221 */ 3222 if ((flags & MAP_PRIVATE) != 0) { 3223 free_devmap_handle(dhp_head); 3224 return (EINVAL); 3225 } 3226 } else { 3227 /* 3228 * Initialize dhp_softlock and dh_ctx if the drivers 3229 * provide devmap_access. 3230 */ 3231 dhp->dh_softlock = devmap_softlock_init(dev, 3232 (ulong_t)callbackops->devmap_access); 3233 dhp->dh_ctx = devmap_ctxinit(dev, 3234 (ulong_t)callbackops->devmap_access); 3235 3236 /* 3237 * segdev_fault can only work when all 3238 * dh_softlock in a multi-dhp mapping 3239 * are same. see comments in segdev_fault 3240 * This code keeps track of the first 3241 * dh_softlock allocated in slock and 3242 * compares all later allocations and if 3243 * not similar, returns an error. 3244 */ 3245 if (slock == NULL) 3246 slock = dhp->dh_softlock; 3247 if (slock != dhp->dh_softlock) { 3248 free_devmap_handle(dhp_head); 3249 return (ENOTSUP); 3250 } 3251 } 3252 3253 map_off += map_len; 3254 resid_len -= map_len; 3255 } 3256 3257 /* 3258 * get the user virtual address and establish the mapping between 3259 * uvaddr and device physical address. 3260 */ 3261 if ((ret = devmap_device(dhp_head, as, addrp, off, len, flags)) 3262 != 0) { 3263 /* 3264 * free devmap handles if error during the mapping. 3265 */ 3266 free_devmap_handle(dhp_head); 3267 3268 return (ret); 3269 } 3270 3271 /* 3272 * call the driver's devmap_map callback to do more after the mapping, 3273 * such as to allocate driver private data for context management. 3274 */ 3275 dhp = dhp_head; 3276 map_off = off; 3277 addr = *addrp; 3278 while (dhp != NULL) { 3279 callbackops = &dhp->dh_callbackops; 3280 dhp->dh_uvaddr = addr; 3281 dhp_curr = dhp; 3282 if (callbackops->devmap_map != NULL) { 3283 ret = (*callbackops->devmap_map)((devmap_cookie_t)dhp, 3284 dev, flags, map_off, 3285 dhp->dh_len, &dhp->dh_pvtp); 3286 if (ret != 0) { 3287 struct segdev_data *sdp; 3288 3289 /* 3290 * call driver's devmap_unmap entry point 3291 * to free driver resources. 3292 */ 3293 dhp = dhp_head; 3294 map_off = off; 3295 while (dhp != dhp_curr) { 3296 callbackops = &dhp->dh_callbackops; 3297 if (callbackops->devmap_unmap != NULL) { 3298 (*callbackops->devmap_unmap)( 3299 dhp, dhp->dh_pvtp, 3300 map_off, dhp->dh_len, 3301 NULL, NULL, NULL, NULL); 3302 } 3303 map_off += dhp->dh_len; 3304 dhp = dhp->dh_next; 3305 } 3306 sdp = dhp_head->dh_seg->s_data; 3307 sdp->devmap_data = NULL; 3308 free_devmap_handle(dhp_head); 3309 return (ENXIO); 3310 } 3311 } 3312 map_off += dhp->dh_len; 3313 addr += dhp->dh_len; 3314 dhp = dhp->dh_next; 3315 } 3316 3317 return (0); 3318 } 3319 3320 int 3321 ddi_devmap_segmap(dev_t dev, off_t off, ddi_as_handle_t as, caddr_t *addrp, 3322 off_t len, uint_t prot, uint_t maxprot, uint_t flags, struct cred *cred) 3323 { 3324 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_SEGMAP, 3325 "devmap_segmap:start"); 3326 return (devmap_setup(dev, (offset_t)off, (struct as *)as, addrp, 3327 (size_t)len, prot, maxprot, flags, cred)); 3328 } 3329 3330 /* 3331 * Called from devmap_devmem_setup/remap to see if can use large pages for 3332 * this device mapping. 3333 * Also calculate the max. page size for this mapping. 3334 * this page size will be used in fault routine for 3335 * optimal page size calculations. 3336 */ 3337 static void 3338 devmap_devmem_large_page_setup(devmap_handle_t *dhp) 3339 { 3340 ASSERT(dhp_is_devmem(dhp)); 3341 dhp->dh_mmulevel = 0; 3342 3343 /* 3344 * use large page size only if: 3345 * 1. device memory. 3346 * 2. mmu supports multiple page sizes, 3347 * 3. Driver did not disallow it 3348 * 4. dhp length is at least as big as the large pagesize 3349 * 5. the uvaddr and pfn are large pagesize aligned 3350 */ 3351 if (page_num_pagesizes() > 1 && 3352 !(dhp->dh_flags & (DEVMAP_USE_PAGESIZE | DEVMAP_MAPPING_INVALID))) { 3353 ulong_t base; 3354 int level; 3355 3356 base = (ulong_t)ptob(dhp->dh_pfn); 3357 for (level = 1; level < page_num_pagesizes(); level++) { 3358 size_t pgsize = page_get_pagesize(level); 3359 if ((dhp->dh_len < pgsize) || 3360 (!VA_PA_PGSIZE_ALIGNED((uintptr_t)dhp->dh_uvaddr, 3361 base, pgsize))) { 3362 break; 3363 } 3364 } 3365 dhp->dh_mmulevel = level - 1; 3366 } 3367 if (dhp->dh_mmulevel > 0) { 3368 dhp->dh_flags |= DEVMAP_FLAG_LARGE; 3369 } else { 3370 dhp->dh_flags &= ~DEVMAP_FLAG_LARGE; 3371 } 3372 } 3373 3374 /* 3375 * Called by driver devmap routine to pass device specific info to 3376 * the framework. used for device memory mapping only. 3377 */ 3378 int 3379 devmap_devmem_setup(devmap_cookie_t dhc, dev_info_t *dip, 3380 struct devmap_callback_ctl *callbackops, uint_t rnumber, offset_t roff, 3381 size_t len, uint_t maxprot, uint_t flags, 3382 const ddi_device_acc_attr_t *accattrp) 3383 { 3384 devmap_handle_t *dhp = (devmap_handle_t *)dhc; 3385 ddi_acc_handle_t handle; 3386 ddi_map_req_t mr; 3387 ddi_acc_hdl_t *hp; 3388 int err; 3389 3390 TRACE_4(TR_FAC_DEVMAP, TR_DEVMAP_DEVMEM_SETUP, 3391 "devmap_devmem_setup:start dhp=%p offset=%llx rnum=%d len=%lx", 3392 (void *)dhp, roff, rnumber, (uint_t)len); 3393 DEBUGF(2, (CE_CONT, "devmap_devmem_setup: dhp %p offset %llx " 3394 "rnum %d len %lx\n", (void *)dhp, roff, rnumber, len)); 3395 3396 /* 3397 * First to check if this function has been called for this dhp. 3398 */ 3399 if (dhp->dh_flags & DEVMAP_SETUP_DONE) 3400 return (DDI_FAILURE); 3401 3402 if ((dhp->dh_prot & dhp->dh_orig_maxprot & maxprot) != dhp->dh_prot) 3403 return (DDI_FAILURE); 3404 3405 if (flags & DEVMAP_MAPPING_INVALID) { 3406 /* 3407 * Don't go up the tree to get pfn if the driver specifies 3408 * DEVMAP_MAPPING_INVALID in flags. 3409 * 3410 * If DEVMAP_MAPPING_INVALID is specified, we have to grant 3411 * remap permission. 3412 */ 3413 if (!(flags & DEVMAP_ALLOW_REMAP)) { 3414 return (DDI_FAILURE); 3415 } 3416 dhp->dh_pfn = PFN_INVALID; 3417 } else { 3418 handle = impl_acc_hdl_alloc(KM_SLEEP, NULL); 3419 if (handle == NULL) 3420 return (DDI_FAILURE); 3421 3422 hp = impl_acc_hdl_get(handle); 3423 hp->ah_vers = VERS_ACCHDL; 3424 hp->ah_dip = dip; 3425 hp->ah_rnumber = rnumber; 3426 hp->ah_offset = roff; 3427 hp->ah_len = len; 3428 if (accattrp != NULL) 3429 hp->ah_acc = *accattrp; 3430 3431 mr.map_op = DDI_MO_MAP_LOCKED; 3432 mr.map_type = DDI_MT_RNUMBER; 3433 mr.map_obj.rnumber = rnumber; 3434 mr.map_prot = maxprot & dhp->dh_orig_maxprot; 3435 mr.map_flags = DDI_MF_DEVICE_MAPPING; 3436 mr.map_handlep = hp; 3437 mr.map_vers = DDI_MAP_VERSION; 3438 3439 /* 3440 * up the device tree to get pfn. 3441 * The rootnex_map_regspec() routine in nexus drivers has been 3442 * modified to return pfn if map_flags is DDI_MF_DEVICE_MAPPING. 3443 */ 3444 err = ddi_map(dip, &mr, roff, len, (caddr_t *)&dhp->dh_pfn); 3445 dhp->dh_hat_attr = hp->ah_hat_flags; 3446 impl_acc_hdl_free(handle); 3447 3448 if (err) 3449 return (DDI_FAILURE); 3450 } 3451 /* Should not be using devmem setup for memory pages */ 3452 ASSERT(!pf_is_memory(dhp->dh_pfn)); 3453 3454 /* Only some of the flags bits are settable by the driver */ 3455 dhp->dh_flags |= (flags & DEVMAP_SETUP_FLAGS); 3456 dhp->dh_len = ptob(btopr(len)); 3457 3458 dhp->dh_cookie = DEVMAP_DEVMEM_COOKIE; 3459 dhp->dh_roff = ptob(btop(roff)); 3460 3461 /* setup the dh_mmulevel and DEVMAP_FLAG_LARGE */ 3462 devmap_devmem_large_page_setup(dhp); 3463 dhp->dh_maxprot = maxprot & dhp->dh_orig_maxprot; 3464 ASSERT((dhp->dh_prot & dhp->dh_orig_maxprot & maxprot) == dhp->dh_prot); 3465 3466 3467 if (callbackops != NULL) { 3468 bcopy(callbackops, &dhp->dh_callbackops, 3469 sizeof (struct devmap_callback_ctl)); 3470 } 3471 3472 /* 3473 * Initialize dh_lock if we want to do remap. 3474 */ 3475 if (dhp->dh_flags & DEVMAP_ALLOW_REMAP) { 3476 mutex_init(&dhp->dh_lock, NULL, MUTEX_DEFAULT, NULL); 3477 dhp->dh_flags |= DEVMAP_LOCK_INITED; 3478 } 3479 3480 dhp->dh_flags |= DEVMAP_SETUP_DONE; 3481 3482 return (DDI_SUCCESS); 3483 } 3484 3485 int 3486 devmap_devmem_remap(devmap_cookie_t dhc, dev_info_t *dip, 3487 uint_t rnumber, offset_t roff, size_t len, uint_t maxprot, 3488 uint_t flags, const ddi_device_acc_attr_t *accattrp) 3489 { 3490 devmap_handle_t *dhp = (devmap_handle_t *)dhc; 3491 ddi_acc_handle_t handle; 3492 ddi_map_req_t mr; 3493 ddi_acc_hdl_t *hp; 3494 pfn_t pfn; 3495 uint_t hat_flags; 3496 int err; 3497 3498 TRACE_4(TR_FAC_DEVMAP, TR_DEVMAP_DEVMEM_REMAP, 3499 "devmap_devmem_setup:start dhp=%p offset=%llx rnum=%d len=%lx", 3500 (void *)dhp, roff, rnumber, (uint_t)len); 3501 DEBUGF(2, (CE_CONT, "devmap_devmem_remap: dhp %p offset %llx " 3502 "rnum %d len %lx\n", (void *)dhp, roff, rnumber, len)); 3503 3504 /* 3505 * Return failure if setup has not been done or no remap permission 3506 * has been granted during the setup. 3507 */ 3508 if ((dhp->dh_flags & DEVMAP_SETUP_DONE) == 0 || 3509 (dhp->dh_flags & DEVMAP_ALLOW_REMAP) == 0) 3510 return (DDI_FAILURE); 3511 3512 /* Only DEVMAP_MAPPING_INVALID flag supported for remap */ 3513 if ((flags != 0) && (flags != DEVMAP_MAPPING_INVALID)) 3514 return (DDI_FAILURE); 3515 3516 if ((dhp->dh_prot & dhp->dh_orig_maxprot & maxprot) != dhp->dh_prot) 3517 return (DDI_FAILURE); 3518 3519 if (!(flags & DEVMAP_MAPPING_INVALID)) { 3520 handle = impl_acc_hdl_alloc(KM_SLEEP, NULL); 3521 if (handle == NULL) 3522 return (DDI_FAILURE); 3523 } 3524 3525 HOLD_DHP_LOCK(dhp); 3526 3527 /* 3528 * Unload the old mapping, so next fault will setup the new mappings 3529 * Do this while holding the dhp lock so other faults dont reestablish 3530 * the mappings 3531 */ 3532 hat_unload(dhp->dh_seg->s_as->a_hat, dhp->dh_uvaddr, 3533 dhp->dh_len, HAT_UNLOAD|HAT_UNLOAD_OTHER); 3534 3535 if (flags & DEVMAP_MAPPING_INVALID) { 3536 dhp->dh_flags |= DEVMAP_MAPPING_INVALID; 3537 dhp->dh_pfn = PFN_INVALID; 3538 } else { 3539 /* clear any prior DEVMAP_MAPPING_INVALID flag */ 3540 dhp->dh_flags &= ~DEVMAP_MAPPING_INVALID; 3541 hp = impl_acc_hdl_get(handle); 3542 hp->ah_vers = VERS_ACCHDL; 3543 hp->ah_dip = dip; 3544 hp->ah_rnumber = rnumber; 3545 hp->ah_offset = roff; 3546 hp->ah_len = len; 3547 if (accattrp != NULL) 3548 hp->ah_acc = *accattrp; 3549 3550 mr.map_op = DDI_MO_MAP_LOCKED; 3551 mr.map_type = DDI_MT_RNUMBER; 3552 mr.map_obj.rnumber = rnumber; 3553 mr.map_prot = maxprot & dhp->dh_orig_maxprot; 3554 mr.map_flags = DDI_MF_DEVICE_MAPPING; 3555 mr.map_handlep = hp; 3556 mr.map_vers = DDI_MAP_VERSION; 3557 3558 /* 3559 * up the device tree to get pfn. 3560 * The rootnex_map_regspec() routine in nexus drivers has been 3561 * modified to return pfn if map_flags is DDI_MF_DEVICE_MAPPING. 3562 */ 3563 err = ddi_map(dip, &mr, roff, len, (caddr_t *)&pfn); 3564 hat_flags = hp->ah_hat_flags; 3565 impl_acc_hdl_free(handle); 3566 if (err) { 3567 RELE_DHP_LOCK(dhp); 3568 return (DDI_FAILURE); 3569 } 3570 /* 3571 * Store result of ddi_map first in local variables, as we do 3572 * not want to overwrite the existing dhp with wrong data. 3573 */ 3574 dhp->dh_pfn = pfn; 3575 dhp->dh_hat_attr = hat_flags; 3576 } 3577 3578 /* clear the large page size flag */ 3579 dhp->dh_flags &= ~DEVMAP_FLAG_LARGE; 3580 3581 dhp->dh_cookie = DEVMAP_DEVMEM_COOKIE; 3582 dhp->dh_roff = ptob(btop(roff)); 3583 3584 /* setup the dh_mmulevel and DEVMAP_FLAG_LARGE */ 3585 devmap_devmem_large_page_setup(dhp); 3586 dhp->dh_maxprot = maxprot & dhp->dh_orig_maxprot; 3587 ASSERT((dhp->dh_prot & dhp->dh_orig_maxprot & maxprot) == dhp->dh_prot); 3588 3589 RELE_DHP_LOCK(dhp); 3590 return (DDI_SUCCESS); 3591 } 3592 3593 /* 3594 * called by driver devmap routine to pass kernel virtual address mapping 3595 * info to the framework. used only for kernel memory 3596 * allocated from ddi_umem_alloc(). 3597 */ 3598 int 3599 devmap_umem_setup(devmap_cookie_t dhc, dev_info_t *dip, 3600 struct devmap_callback_ctl *callbackops, ddi_umem_cookie_t cookie, 3601 offset_t off, size_t len, uint_t maxprot, uint_t flags, 3602 const ddi_device_acc_attr_t *accattrp) 3603 { 3604 devmap_handle_t *dhp = (devmap_handle_t *)dhc; 3605 struct ddi_umem_cookie *cp = (struct ddi_umem_cookie *)cookie; 3606 3607 TRACE_4(TR_FAC_DEVMAP, TR_DEVMAP_UMEM_SETUP, 3608 "devmap_umem_setup:start dhp=%p offset=%llx cookie=%p len=%lx", 3609 (void *)dhp, off, cookie, len); 3610 DEBUGF(2, (CE_CONT, "devmap_umem_setup: dhp %p offset %llx " 3611 "cookie %p len %lx\n", (void *)dhp, off, (void *)cookie, len)); 3612 3613 if (cookie == NULL) 3614 return (DDI_FAILURE); 3615 3616 /* For UMEM_TRASH, this restriction is not needed */ 3617 if ((off + len) > cp->size) 3618 return (DDI_FAILURE); 3619 3620 /* check if the cache attributes are supported */ 3621 if (i_ddi_check_cache_attr(flags) == B_FALSE) 3622 return (DDI_FAILURE); 3623 3624 /* 3625 * First to check if this function has been called for this dhp. 3626 */ 3627 if (dhp->dh_flags & DEVMAP_SETUP_DONE) 3628 return (DDI_FAILURE); 3629 3630 if ((dhp->dh_prot & dhp->dh_orig_maxprot & maxprot) != dhp->dh_prot) 3631 return (DDI_FAILURE); 3632 3633 if (flags & DEVMAP_MAPPING_INVALID) { 3634 /* 3635 * If DEVMAP_MAPPING_INVALID is specified, we have to grant 3636 * remap permission. 3637 */ 3638 if (!(flags & DEVMAP_ALLOW_REMAP)) { 3639 return (DDI_FAILURE); 3640 } 3641 } else { 3642 dhp->dh_cookie = cookie; 3643 dhp->dh_roff = ptob(btop(off)); 3644 dhp->dh_cvaddr = cp->cvaddr + dhp->dh_roff; 3645 /* set HAT cache attributes */ 3646 i_ddi_cacheattr_to_hatacc(flags, &dhp->dh_hat_attr); 3647 /* set HAT endianess attributes */ 3648 i_ddi_devacc_to_hatacc(accattrp, &dhp->dh_hat_attr); 3649 } 3650 3651 /* 3652 * The default is _not_ to pass HAT_LOAD_NOCONSIST to hat_devload(); 3653 * we pass HAT_LOAD_NOCONSIST _only_ in cases where hat tries to 3654 * create consistent mappings but our intention was to create 3655 * non-consistent mappings. 3656 * 3657 * DEVMEM: hat figures it out it's DEVMEM and creates non-consistent 3658 * mappings. 3659 * 3660 * kernel exported memory: hat figures it out it's memory and always 3661 * creates consistent mappings. 3662 * 3663 * /dev/mem: non-consistent mappings. See comments in common/io/mem.c 3664 * 3665 * /dev/kmem: consistent mappings are created unless they are 3666 * MAP_FIXED. We _explicitly_ tell hat to create non-consistent 3667 * mappings by passing HAT_LOAD_NOCONSIST in case of MAP_FIXED 3668 * mappings of /dev/kmem. See common/io/mem.c 3669 */ 3670 3671 /* Only some of the flags bits are settable by the driver */ 3672 dhp->dh_flags |= (flags & DEVMAP_SETUP_FLAGS); 3673 3674 dhp->dh_len = ptob(btopr(len)); 3675 dhp->dh_maxprot = maxprot & dhp->dh_orig_maxprot; 3676 ASSERT((dhp->dh_prot & dhp->dh_orig_maxprot & maxprot) == dhp->dh_prot); 3677 3678 if (callbackops != NULL) { 3679 bcopy(callbackops, &dhp->dh_callbackops, 3680 sizeof (struct devmap_callback_ctl)); 3681 } 3682 /* 3683 * Initialize dh_lock if we want to do remap. 3684 */ 3685 if (dhp->dh_flags & DEVMAP_ALLOW_REMAP) { 3686 mutex_init(&dhp->dh_lock, NULL, MUTEX_DEFAULT, NULL); 3687 dhp->dh_flags |= DEVMAP_LOCK_INITED; 3688 } 3689 3690 dhp->dh_flags |= DEVMAP_SETUP_DONE; 3691 3692 return (DDI_SUCCESS); 3693 } 3694 3695 int 3696 devmap_umem_remap(devmap_cookie_t dhc, dev_info_t *dip, 3697 ddi_umem_cookie_t cookie, offset_t off, size_t len, uint_t maxprot, 3698 uint_t flags, const ddi_device_acc_attr_t *accattrp) 3699 { 3700 devmap_handle_t *dhp = (devmap_handle_t *)dhc; 3701 struct ddi_umem_cookie *cp = (struct ddi_umem_cookie *)cookie; 3702 3703 TRACE_4(TR_FAC_DEVMAP, TR_DEVMAP_UMEM_REMAP, 3704 "devmap_umem_remap:start dhp=%p offset=%llx cookie=%p len=%lx", 3705 (void *)dhp, off, cookie, len); 3706 DEBUGF(2, (CE_CONT, "devmap_umem_remap: dhp %p offset %llx " 3707 "cookie %p len %lx\n", (void *)dhp, off, (void *)cookie, len)); 3708 3709 /* 3710 * Reture failure if setup has not been done or no remap permission 3711 * has been granted during the setup. 3712 */ 3713 if ((dhp->dh_flags & DEVMAP_SETUP_DONE) == 0 || 3714 (dhp->dh_flags & DEVMAP_ALLOW_REMAP) == 0) 3715 return (DDI_FAILURE); 3716 3717 /* No flags supported for remap yet */ 3718 if (flags != 0) 3719 return (DDI_FAILURE); 3720 3721 /* check if the cache attributes are supported */ 3722 if (i_ddi_check_cache_attr(flags) == B_FALSE) 3723 return (DDI_FAILURE); 3724 3725 if ((dhp->dh_prot & dhp->dh_orig_maxprot & maxprot) != dhp->dh_prot) 3726 return (DDI_FAILURE); 3727 3728 /* For UMEM_TRASH, this restriction is not needed */ 3729 if ((off + len) > cp->size) 3730 return (DDI_FAILURE); 3731 3732 HOLD_DHP_LOCK(dhp); 3733 /* 3734 * Unload the old mapping, so next fault will setup the new mappings 3735 * Do this while holding the dhp lock so other faults dont reestablish 3736 * the mappings 3737 */ 3738 hat_unload(dhp->dh_seg->s_as->a_hat, dhp->dh_uvaddr, 3739 dhp->dh_len, HAT_UNLOAD|HAT_UNLOAD_OTHER); 3740 3741 dhp->dh_cookie = cookie; 3742 dhp->dh_roff = ptob(btop(off)); 3743 dhp->dh_cvaddr = cp->cvaddr + dhp->dh_roff; 3744 /* set HAT cache attributes */ 3745 i_ddi_cacheattr_to_hatacc(flags, &dhp->dh_hat_attr); 3746 /* set HAT endianess attributes */ 3747 i_ddi_devacc_to_hatacc(accattrp, &dhp->dh_hat_attr); 3748 3749 /* clear the large page size flag */ 3750 dhp->dh_flags &= ~DEVMAP_FLAG_LARGE; 3751 3752 dhp->dh_maxprot = maxprot & dhp->dh_orig_maxprot; 3753 ASSERT((dhp->dh_prot & dhp->dh_orig_maxprot & maxprot) == dhp->dh_prot); 3754 RELE_DHP_LOCK(dhp); 3755 return (DDI_SUCCESS); 3756 } 3757 3758 /* 3759 * to set timeout value for the driver's context management callback, e.g. 3760 * devmap_access(). 3761 */ 3762 void 3763 devmap_set_ctx_timeout(devmap_cookie_t dhc, clock_t ticks) 3764 { 3765 devmap_handle_t *dhp = (devmap_handle_t *)dhc; 3766 3767 TRACE_2(TR_FAC_DEVMAP, TR_DEVMAP_SET_CTX_TIMEOUT, 3768 "devmap_set_ctx_timeout:start dhp=%p ticks=%x", 3769 (void *)dhp, ticks); 3770 dhp->dh_timeout_length = ticks; 3771 } 3772 3773 int 3774 devmap_default_access(devmap_cookie_t dhp, void *pvtp, offset_t off, 3775 size_t len, uint_t type, uint_t rw) 3776 { 3777 #ifdef lint 3778 pvtp = pvtp; 3779 #endif 3780 3781 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_DEFAULT_ACCESS, 3782 "devmap_default_access:start"); 3783 return (devmap_load(dhp, off, len, type, rw)); 3784 } 3785 3786 /* 3787 * segkmem_alloc() wrapper to allocate memory which is both 3788 * non-relocatable (for DR) and sharelocked, since the rest 3789 * of this segment driver requires it. 3790 */ 3791 static void * 3792 devmap_alloc_pages(vmem_t *vmp, size_t size, int vmflag) 3793 { 3794 ASSERT(vmp != NULL); 3795 ASSERT(kvseg.s_base != NULL); 3796 vmflag |= (VM_NORELOC | SEGKMEM_SHARELOCKED); 3797 return (segkmem_alloc(vmp, size, vmflag)); 3798 } 3799 3800 /* 3801 * This is where things are a bit incestuous with seg_kmem: unlike 3802 * seg_kp, seg_kmem does not keep its pages long-term sharelocked, so 3803 * we need to do a bit of a dance around that to prevent duplication of 3804 * code until we decide to bite the bullet and implement a new kernel 3805 * segment for driver-allocated memory that is exported to user space. 3806 */ 3807 static void 3808 devmap_free_pages(vmem_t *vmp, void *inaddr, size_t size) 3809 { 3810 page_t *pp; 3811 caddr_t addr = inaddr; 3812 caddr_t eaddr; 3813 pgcnt_t npages = btopr(size); 3814 3815 ASSERT(vmp != NULL); 3816 ASSERT(kvseg.s_base != NULL); 3817 ASSERT(((uintptr_t)addr & PAGEOFFSET) == 0); 3818 3819 hat_unload(kas.a_hat, addr, size, HAT_UNLOAD_UNLOCK); 3820 3821 for (eaddr = addr + size; addr < eaddr; addr += PAGESIZE) { 3822 /* 3823 * Use page_find() instead of page_lookup() to find the page 3824 * since we know that it is hashed and has a shared lock. 3825 */ 3826 pp = page_find(&kvp, (u_offset_t)(uintptr_t)addr); 3827 3828 if (pp == NULL) 3829 panic("devmap_free_pages: page not found"); 3830 if (!page_tryupgrade(pp)) { 3831 page_unlock(pp); 3832 pp = page_lookup(&kvp, (u_offset_t)(uintptr_t)addr, 3833 SE_EXCL); 3834 if (pp == NULL) 3835 panic("devmap_free_pages: page already freed"); 3836 } 3837 /* Clear p_lckcnt so page_destroy() doesn't update availrmem */ 3838 pp->p_lckcnt = 0; 3839 page_destroy(pp, 0); 3840 } 3841 page_unresv(npages); 3842 3843 if (vmp != NULL) 3844 vmem_free(vmp, inaddr, size); 3845 } 3846 3847 /* 3848 * devmap_umem_alloc_np() replaces kmem_zalloc() as the method for 3849 * allocating non-pageable kmem in response to a ddi_umem_alloc() 3850 * default request. For now we allocate our own pages and we keep 3851 * them long-term sharelocked, since: A) the fault routines expect the 3852 * memory to already be locked; B) pageable umem is already long-term 3853 * locked; C) it's a lot of work to make it otherwise, particularly 3854 * since the nexus layer expects the pages to never fault. An RFE is to 3855 * not keep the pages long-term locked, but instead to be able to 3856 * take faults on them and simply look them up in kvp in case we 3857 * fault on them. Even then, we must take care not to let pageout 3858 * steal them from us since the data must remain resident; if we 3859 * do this we must come up with some way to pin the pages to prevent 3860 * faults while a driver is doing DMA to/from them. 3861 */ 3862 static void * 3863 devmap_umem_alloc_np(size_t size, size_t flags) 3864 { 3865 void *buf; 3866 int vmflags = (flags & DDI_UMEM_NOSLEEP)? VM_NOSLEEP : VM_SLEEP; 3867 3868 buf = vmem_alloc(umem_np_arena, size, vmflags); 3869 if (buf != NULL) 3870 bzero(buf, size); 3871 return (buf); 3872 } 3873 3874 static void 3875 devmap_umem_free_np(void *addr, size_t size) 3876 { 3877 vmem_free(umem_np_arena, addr, size); 3878 } 3879 3880 /* 3881 * allocate page aligned kernel memory for exporting to user land. 3882 * The devmap framework will use the cookie allocated by ddi_umem_alloc() 3883 * to find a user virtual address that is in same color as the address 3884 * allocated here. 3885 */ 3886 void * 3887 ddi_umem_alloc(size_t size, int flags, ddi_umem_cookie_t *cookie) 3888 { 3889 register size_t len = ptob(btopr(size)); 3890 void *buf = NULL; 3891 struct ddi_umem_cookie *cp; 3892 int iflags = 0; 3893 3894 *cookie = NULL; 3895 3896 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_UMEM_ALLOC, 3897 "devmap_umem_alloc:start"); 3898 if (len == 0) 3899 return ((void *)NULL); 3900 3901 /* 3902 * allocate cookie 3903 */ 3904 if ((cp = kmem_zalloc(sizeof (struct ddi_umem_cookie), 3905 flags & DDI_UMEM_NOSLEEP ? KM_NOSLEEP : KM_SLEEP)) == NULL) { 3906 ASSERT(flags & DDI_UMEM_NOSLEEP); 3907 return ((void *)NULL); 3908 } 3909 3910 if (flags & DDI_UMEM_PAGEABLE) { 3911 /* Only one of the flags is allowed */ 3912 ASSERT(!(flags & DDI_UMEM_TRASH)); 3913 /* initialize resource with 0 */ 3914 iflags = KPD_ZERO; 3915 3916 /* 3917 * to allocate unlocked pageable memory, use segkp_get() to 3918 * create a segkp segment. Since segkp can only service kas, 3919 * other segment drivers such as segdev have to do 3920 * as_fault(segkp, SOFTLOCK) in its fault routine, 3921 */ 3922 if (flags & DDI_UMEM_NOSLEEP) 3923 iflags |= KPD_NOWAIT; 3924 3925 if ((buf = segkp_get(segkp, len, iflags)) == NULL) { 3926 kmem_free(cp, sizeof (struct ddi_umem_cookie)); 3927 return ((void *)NULL); 3928 } 3929 cp->type = KMEM_PAGEABLE; 3930 mutex_init(&cp->lock, NULL, MUTEX_DEFAULT, NULL); 3931 cp->locked = 0; 3932 } else if (flags & DDI_UMEM_TRASH) { 3933 /* Only one of the flags is allowed */ 3934 ASSERT(!(flags & DDI_UMEM_PAGEABLE)); 3935 cp->type = UMEM_TRASH; 3936 buf = NULL; 3937 } else { 3938 if ((buf = devmap_umem_alloc_np(len, flags)) == NULL) { 3939 kmem_free(cp, sizeof (struct ddi_umem_cookie)); 3940 return ((void *)NULL); 3941 } 3942 3943 cp->type = KMEM_NON_PAGEABLE; 3944 } 3945 3946 /* 3947 * need to save size here. size will be used when 3948 * we do kmem_free. 3949 */ 3950 cp->size = len; 3951 cp->cvaddr = (caddr_t)buf; 3952 3953 *cookie = (void *)cp; 3954 return (buf); 3955 } 3956 3957 void 3958 ddi_umem_free(ddi_umem_cookie_t cookie) 3959 { 3960 struct ddi_umem_cookie *cp; 3961 3962 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_UMEM_FREE, 3963 "devmap_umem_free:start"); 3964 3965 /* 3966 * if cookie is NULL, no effects on the system 3967 */ 3968 if (cookie == NULL) 3969 return; 3970 3971 cp = (struct ddi_umem_cookie *)cookie; 3972 3973 switch (cp->type) { 3974 case KMEM_PAGEABLE : 3975 ASSERT(cp->cvaddr != NULL && cp->size != 0); 3976 /* 3977 * Check if there are still any pending faults on the cookie 3978 * while the driver is deleting it, 3979 * XXX - could change to an ASSERT but wont catch errant drivers 3980 */ 3981 mutex_enter(&cp->lock); 3982 if (cp->locked) { 3983 mutex_exit(&cp->lock); 3984 panic("ddi_umem_free for cookie with pending faults %p", 3985 (void *)cp); 3986 } 3987 3988 segkp_release(segkp, cp->cvaddr); 3989 3990 /* 3991 * release mutex associated with this cookie. 3992 */ 3993 mutex_destroy(&cp->lock); 3994 break; 3995 case KMEM_NON_PAGEABLE : 3996 ASSERT(cp->cvaddr != NULL && cp->size != 0); 3997 devmap_umem_free_np(cp->cvaddr, cp->size); 3998 break; 3999 case UMEM_TRASH : 4000 break; 4001 case UMEM_LOCKED : 4002 /* Callers should use ddi_umem_unlock for this type */ 4003 ddi_umem_unlock(cookie); 4004 /* Frees the cookie too */ 4005 return; 4006 default: 4007 /* panic so we can diagnose the underlying cause */ 4008 panic("ddi_umem_free: illegal cookie type 0x%x\n", 4009 cp->type); 4010 } 4011 4012 kmem_free(cookie, sizeof (struct ddi_umem_cookie)); 4013 } 4014 4015 4016 static int 4017 segdev_getmemid(struct seg *seg, caddr_t addr, memid_t *memidp) 4018 { 4019 struct segdev_data *sdp = (struct segdev_data *)seg->s_data; 4020 4021 /* 4022 * It looks as if it is always mapped shared 4023 */ 4024 TRACE_0(TR_FAC_DEVMAP, TR_DEVMAP_GETMEMID, 4025 "segdev_getmemid:start"); 4026 memidp->val[0] = (uintptr_t)VTOCVP(sdp->vp); 4027 memidp->val[1] = sdp->offset + (uintptr_t)(addr - seg->s_base); 4028 return (0); 4029 } 4030 4031 /*ARGSUSED*/ 4032 static lgrp_mem_policy_info_t * 4033 segdev_getpolicy(struct seg *seg, caddr_t addr) 4034 { 4035 return (NULL); 4036 } 4037 4038 /*ARGSUSED*/ 4039 static int 4040 segdev_capable(struct seg *seg, segcapability_t capability) 4041 { 4042 return (0); 4043 } 4044 4045 /* 4046 * ddi_umem_alloc() non-pageable quantum cache max size. 4047 * This is just a SWAG. 4048 */ 4049 #define DEVMAP_UMEM_QUANTUM (8*PAGESIZE) 4050 4051 /* 4052 * Initialize seg_dev from boot. This routine sets up the trash page 4053 * and creates the umem_np_arena used to back non-pageable memory 4054 * requests. 4055 */ 4056 void 4057 segdev_init(void) 4058 { 4059 struct seg kseg; 4060 4061 umem_np_arena = vmem_create("umem_np", NULL, 0, PAGESIZE, 4062 devmap_alloc_pages, devmap_free_pages, heap_arena, 4063 DEVMAP_UMEM_QUANTUM, VM_SLEEP); 4064 4065 kseg.s_as = &kas; 4066 trashpp = page_create_va(&trashvp, 0, PAGESIZE, 4067 PG_NORELOC | PG_EXCL | PG_WAIT, &kseg, NULL); 4068 if (trashpp == NULL) 4069 panic("segdev_init: failed to create trash page"); 4070 pagezero(trashpp, 0, PAGESIZE); 4071 page_downgrade(trashpp); 4072 } 4073 4074 /* 4075 * Invoke platform-dependent support routines so that /proc can have 4076 * the platform code deal with curious hardware. 4077 */ 4078 int 4079 segdev_copyfrom(struct seg *seg, 4080 caddr_t uaddr, const void *devaddr, void *kaddr, size_t len) 4081 { 4082 struct segdev_data *sdp = (struct segdev_data *)seg->s_data; 4083 struct snode *sp = VTOS(VTOCVP(sdp->vp)); 4084 4085 return (e_ddi_copyfromdev(sp->s_dip, 4086 (off_t)(uaddr - seg->s_base), devaddr, kaddr, len)); 4087 } 4088 4089 int 4090 segdev_copyto(struct seg *seg, 4091 caddr_t uaddr, const void *kaddr, void *devaddr, size_t len) 4092 { 4093 struct segdev_data *sdp = (struct segdev_data *)seg->s_data; 4094 struct snode *sp = VTOS(VTOCVP(sdp->vp)); 4095 4096 return (e_ddi_copytodev(sp->s_dip, 4097 (off_t)(uaddr - seg->s_base), kaddr, devaddr, len)); 4098 } 4099