6146 seg_inherit_notsup is redundant
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 1993, 2010, Oracle and/or its affiliates. All rights reserved.
23 */
24
25 #include <sys/param.h>
26 #include <sys/user.h>
27 #include <sys/mman.h>
28 #include <sys/kmem.h>
29 #include <sys/sysmacros.h>
30 #include <sys/cmn_err.h>
31 #include <sys/systm.h>
32 #include <sys/tuneable.h>
33 #include <vm/hat.h>
34 #include <vm/seg.h>
35 #include <vm/as.h>
36 #include <vm/anon.h>
37 #include <vm/page.h>
38 #include <sys/buf.h>
39 #include <sys/swap.h>
40 #include <sys/atomic.h>
41 #include <vm/seg_spt.h>
42 #include <sys/debug.h>
43 #include <sys/vtrace.h>
44 #include <sys/shm.h>
45 #include <sys/shm_impl.h>
46 #include <sys/lgrp.h>
47 #include <sys/vmsystm.h>
48 #include <sys/policy.h>
49 #include <sys/project.h>
50 #include <sys/tnf_probe.h>
51 #include <sys/zone.h>
52
53 #define SEGSPTADDR (caddr_t)0x0
54
55 /*
56 * # pages used for spt
57 */
58 size_t spt_used;
59
60 /*
61 * segspt_minfree is the memory left for system after ISM
62 * locked its pages; it is set up to 5% of availrmem in
63 * sptcreate when ISM is created. ISM should not use more
64 * than ~90% of availrmem; if it does, then the performance
65 * of the system may decrease. Machines with large memories may
66 * be able to use up more memory for ISM so we set the default
67 * segspt_minfree to 5% (which gives ISM max 95% of availrmem.
68 * If somebody wants even more memory for ISM (risking hanging
69 * the system) they can patch the segspt_minfree to smaller number.
70 */
71 pgcnt_t segspt_minfree = 0;
72
73 static int segspt_create(struct seg *seg, caddr_t argsp);
74 static int segspt_unmap(struct seg *seg, caddr_t raddr, size_t ssize);
75 static void segspt_free(struct seg *seg);
76 static void segspt_free_pages(struct seg *seg, caddr_t addr, size_t len);
77 static lgrp_mem_policy_info_t *segspt_getpolicy(struct seg *seg, caddr_t addr);
78
79 static void
80 segspt_badop()
81 {
82 panic("segspt_badop called");
83 /*NOTREACHED*/
84 }
85
86 #define SEGSPT_BADOP(t) (t(*)())segspt_badop
87
88 struct seg_ops segspt_ops = {
89 .dup = SEGSPT_BADOP(int),
90 .unmap = segspt_unmap,
91 .free = segspt_free,
92 .fault = SEGSPT_BADOP(int),
93 .faulta = SEGSPT_BADOP(faultcode_t),
94 .setprot = SEGSPT_BADOP(int),
95 .checkprot = SEGSPT_BADOP(int),
96 .kluster = SEGSPT_BADOP(int),
97 .swapout = SEGSPT_BADOP(size_t),
98 .sync = SEGSPT_BADOP(int),
99 .incore = SEGSPT_BADOP(size_t),
100 .lockop = SEGSPT_BADOP(int),
101 .getprot = SEGSPT_BADOP(int),
102 .getoffset = SEGSPT_BADOP(u_offset_t),
103 .gettype = SEGSPT_BADOP(int),
104 .getvp = SEGSPT_BADOP(int),
105 .advise = SEGSPT_BADOP(int),
106 .dump = SEGSPT_BADOP(void),
107 .pagelock = SEGSPT_BADOP(int),
108 .setpagesize = SEGSPT_BADOP(int),
109 .getmemid = SEGSPT_BADOP(int),
110 .getpolicy = segspt_getpolicy,
111 .capable = SEGSPT_BADOP(int),
112 .inherit = seg_inherit_notsup,
113 };
114
115 static int segspt_shmdup(struct seg *seg, struct seg *newseg);
116 static int segspt_shmunmap(struct seg *seg, caddr_t raddr, size_t ssize);
117 static void segspt_shmfree(struct seg *seg);
118 static faultcode_t segspt_shmfault(struct hat *hat, struct seg *seg,
119 caddr_t addr, size_t len, enum fault_type type, enum seg_rw rw);
120 static faultcode_t segspt_shmfaulta(struct seg *seg, caddr_t addr);
121 static int segspt_shmsetprot(register struct seg *seg, register caddr_t addr,
122 register size_t len, register uint_t prot);
123 static int segspt_shmcheckprot(struct seg *seg, caddr_t addr, size_t size,
124 uint_t prot);
125 static int segspt_shmkluster(struct seg *seg, caddr_t addr, ssize_t delta);
126 static size_t segspt_shmswapout(struct seg *seg);
127 static size_t segspt_shmincore(struct seg *seg, caddr_t addr, size_t len,
128 register char *vec);
129 static int segspt_shmsync(struct seg *seg, register caddr_t addr, size_t len,
130 int attr, uint_t flags);
131 static int segspt_shmlockop(struct seg *seg, caddr_t addr, size_t len,
132 int attr, int op, ulong_t *lockmap, size_t pos);
133 static int segspt_shmgetprot(struct seg *seg, caddr_t addr, size_t len,
134 uint_t *protv);
135 static u_offset_t segspt_shmgetoffset(struct seg *seg, caddr_t addr);
136 static int segspt_shmgettype(struct seg *seg, caddr_t addr);
137 static int segspt_shmgetvp(struct seg *seg, caddr_t addr, struct vnode **vpp);
138 static int segspt_shmadvise(struct seg *seg, caddr_t addr, size_t len,
139 uint_t behav);
140 static void segspt_shmdump(struct seg *seg);
141 static int segspt_shmpagelock(struct seg *, caddr_t, size_t,
142 struct page ***, enum lock_type, enum seg_rw);
143 static int segspt_shmsetpgsz(struct seg *, caddr_t, size_t, uint_t);
144 static int segspt_shmgetmemid(struct seg *, caddr_t, memid_t *);
145 static lgrp_mem_policy_info_t *segspt_shmgetpolicy(struct seg *, caddr_t);
146 static int segspt_shmcapable(struct seg *, segcapability_t);
147
148 struct seg_ops segspt_shmops = {
149 .dup = segspt_shmdup,
150 .unmap = segspt_shmunmap,
151 .free = segspt_shmfree,
152 .fault = segspt_shmfault,
153 .faulta = segspt_shmfaulta,
154 .setprot = segspt_shmsetprot,
155 .checkprot = segspt_shmcheckprot,
156 .kluster = segspt_shmkluster,
157 .swapout = segspt_shmswapout,
158 .sync = segspt_shmsync,
159 .incore = segspt_shmincore,
160 .lockop = segspt_shmlockop,
161 .getprot = segspt_shmgetprot,
162 .getoffset = segspt_shmgetoffset,
163 .gettype = segspt_shmgettype,
164 .getvp = segspt_shmgetvp,
165 .advise = segspt_shmadvise,
166 .dump = segspt_shmdump,
167 .pagelock = segspt_shmpagelock,
168 .setpagesize = segspt_shmsetpgsz,
169 .getmemid = segspt_shmgetmemid,
170 .getpolicy = segspt_shmgetpolicy,
171 .capable = segspt_shmcapable,
172 .inherit = seg_inherit_notsup,
173 };
174
175 static void segspt_purge(struct seg *seg);
176 static int segspt_reclaim(void *, caddr_t, size_t, struct page **,
177 enum seg_rw, int);
178 static int spt_anon_getpages(struct seg *seg, caddr_t addr, size_t len,
179 page_t **ppa);
180
181
182
183 /*ARGSUSED*/
184 int
185 sptcreate(size_t size, struct seg **sptseg, struct anon_map *amp,
186 uint_t prot, uint_t flags, uint_t share_szc)
187 {
188 int err;
189 struct as *newas;
190 struct segspt_crargs sptcargs;
191
192 #ifdef DEBUG
193 TNF_PROBE_1(sptcreate, "spt", /* CSTYLED */,
194 tnf_ulong, size, size );
195 #endif
196 if (segspt_minfree == 0) /* leave min 5% of availrmem for */
197 segspt_minfree = availrmem/20; /* for the system */
198
199 if (!hat_supported(HAT_SHARED_PT, (void *)0))
200 return (EINVAL);
201
202 /*
203 * get a new as for this shared memory segment
204 */
205 newas = as_alloc();
206 newas->a_proc = NULL;
207 sptcargs.amp = amp;
208 sptcargs.prot = prot;
209 sptcargs.flags = flags;
210 sptcargs.szc = share_szc;
211 /*
212 * create a shared page table (spt) segment
213 */
214
215 if (err = as_map(newas, SEGSPTADDR, size, segspt_create, &sptcargs)) {
216 as_free(newas);
217 return (err);
218 }
219 *sptseg = sptcargs.seg_spt;
220 return (0);
221 }
222
223 void
224 sptdestroy(struct as *as, struct anon_map *amp)
225 {
226
227 #ifdef DEBUG
228 TNF_PROBE_0(sptdestroy, "spt", /* CSTYLED */);
229 #endif
230 (void) as_unmap(as, SEGSPTADDR, amp->size);
231 as_free(as);
232 }
233
234 /*
235 * called from seg_free().
236 * free (i.e., unlock, unmap, return to free list)
237 * all the pages in the given seg.
238 */
239 void
240 segspt_free(struct seg *seg)
241 {
242 struct spt_data *sptd = (struct spt_data *)seg->s_data;
243
244 ASSERT(seg->s_as && AS_WRITE_HELD(seg->s_as, &seg->s_as->a_lock));
245
246 if (sptd != NULL) {
247 if (sptd->spt_realsize)
248 segspt_free_pages(seg, seg->s_base, sptd->spt_realsize);
249
250 if (sptd->spt_ppa_lckcnt)
251 kmem_free(sptd->spt_ppa_lckcnt,
252 sizeof (*sptd->spt_ppa_lckcnt)
253 * btopr(sptd->spt_amp->size));
254 kmem_free(sptd->spt_vp, sizeof (*sptd->spt_vp));
255 cv_destroy(&sptd->spt_cv);
256 mutex_destroy(&sptd->spt_lock);
257 kmem_free(sptd, sizeof (*sptd));
258 }
259 }
260
261 /*ARGSUSED*/
262 static int
263 segspt_shmsync(struct seg *seg, caddr_t addr, size_t len, int attr,
264 uint_t flags)
265 {
266 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as, &seg->s_as->a_lock));
267
268 return (0);
269 }
270
271 /*ARGSUSED*/
272 static size_t
273 segspt_shmincore(struct seg *seg, caddr_t addr, size_t len, char *vec)
274 {
275 caddr_t eo_seg;
276 pgcnt_t npages;
277 struct shm_data *shmd = (struct shm_data *)seg->s_data;
278 struct seg *sptseg;
279 struct spt_data *sptd;
280
281 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as, &seg->s_as->a_lock));
282 #ifdef lint
283 seg = seg;
284 #endif
285 sptseg = shmd->shm_sptseg;
286 sptd = sptseg->s_data;
287
288 if ((sptd->spt_flags & SHM_PAGEABLE) == 0) {
289 eo_seg = addr + len;
290 while (addr < eo_seg) {
291 /* page exists, and it's locked. */
292 *vec++ = SEG_PAGE_INCORE | SEG_PAGE_LOCKED |
293 SEG_PAGE_ANON;
294 addr += PAGESIZE;
295 }
296 return (len);
297 } else {
298 struct anon_map *amp = shmd->shm_amp;
299 struct anon *ap;
300 page_t *pp;
301 pgcnt_t anon_index;
302 struct vnode *vp;
303 u_offset_t off;
304 ulong_t i;
305 int ret;
306 anon_sync_obj_t cookie;
307
308 addr = (caddr_t)((uintptr_t)addr & (uintptr_t)PAGEMASK);
309 anon_index = seg_page(seg, addr);
310 npages = btopr(len);
311 if (anon_index + npages > btopr(shmd->shm_amp->size)) {
312 return (EINVAL);
313 }
314 ANON_LOCK_ENTER(&->a_rwlock, RW_READER);
315 for (i = 0; i < npages; i++, anon_index++) {
316 ret = 0;
317 anon_array_enter(amp, anon_index, &cookie);
318 ap = anon_get_ptr(amp->ahp, anon_index);
319 if (ap != NULL) {
320 swap_xlate(ap, &vp, &off);
321 anon_array_exit(&cookie);
322 pp = page_lookup_nowait(vp, off, SE_SHARED);
323 if (pp != NULL) {
324 ret |= SEG_PAGE_INCORE | SEG_PAGE_ANON;
325 page_unlock(pp);
326 }
327 } else {
328 anon_array_exit(&cookie);
329 }
330 if (shmd->shm_vpage[anon_index] & DISM_PG_LOCKED) {
331 ret |= SEG_PAGE_LOCKED;
332 }
333 *vec++ = (char)ret;
334 }
335 ANON_LOCK_EXIT(&->a_rwlock);
336 return (len);
337 }
338 }
339
340 static int
341 segspt_unmap(struct seg *seg, caddr_t raddr, size_t ssize)
342 {
343 size_t share_size;
344
345 ASSERT(seg->s_as && AS_WRITE_HELD(seg->s_as, &seg->s_as->a_lock));
346
347 /*
348 * seg.s_size may have been rounded up to the largest page size
349 * in shmat().
350 * XXX This should be cleanedup. sptdestroy should take a length
351 * argument which should be the same as sptcreate. Then
352 * this rounding would not be needed (or is done in shm.c)
353 * Only the check for full segment will be needed.
354 *
355 * XXX -- shouldn't raddr == 0 always? These tests don't seem
356 * to be useful at all.
357 */
358 share_size = page_get_pagesize(seg->s_szc);
359 ssize = P2ROUNDUP(ssize, share_size);
360
361 if (raddr == seg->s_base && ssize == seg->s_size) {
362 seg_free(seg);
363 return (0);
364 } else
365 return (EINVAL);
366 }
367
368 int
369 segspt_create(struct seg *seg, caddr_t argsp)
370 {
371 int err;
372 caddr_t addr = seg->s_base;
373 struct spt_data *sptd;
374 struct segspt_crargs *sptcargs = (struct segspt_crargs *)argsp;
375 struct anon_map *amp = sptcargs->amp;
376 struct kshmid *sp = amp->a_sp;
377 struct cred *cred = CRED();
378 ulong_t i, j, anon_index = 0;
379 pgcnt_t npages = btopr(amp->size);
380 struct vnode *vp;
381 page_t **ppa;
382 uint_t hat_flags;
383 size_t pgsz;
384 pgcnt_t pgcnt;
385 caddr_t a;
386 pgcnt_t pidx;
387 size_t sz;
388 proc_t *procp = curproc;
389 rctl_qty_t lockedbytes = 0;
390 kproject_t *proj;
391
392 /*
393 * We are holding the a_lock on the underlying dummy as,
394 * so we can make calls to the HAT layer.
395 */
396 ASSERT(seg->s_as && AS_WRITE_HELD(seg->s_as, &seg->s_as->a_lock));
397 ASSERT(sp != NULL);
398
399 #ifdef DEBUG
400 TNF_PROBE_2(segspt_create, "spt", /* CSTYLED */,
401 tnf_opaque, addr, addr, tnf_ulong, len, seg->s_size);
402 #endif
403 if ((sptcargs->flags & SHM_PAGEABLE) == 0) {
404 if (err = anon_swap_adjust(npages))
405 return (err);
406 }
407 err = ENOMEM;
408
409 if ((sptd = kmem_zalloc(sizeof (*sptd), KM_NOSLEEP)) == NULL)
410 goto out1;
411
412 if ((sptcargs->flags & SHM_PAGEABLE) == 0) {
413 if ((ppa = kmem_zalloc(((sizeof (page_t *)) * npages),
414 KM_NOSLEEP)) == NULL)
415 goto out2;
416 }
417
418 mutex_init(&sptd->spt_lock, NULL, MUTEX_DEFAULT, NULL);
419
420 if ((vp = kmem_zalloc(sizeof (*vp), KM_NOSLEEP)) == NULL)
421 goto out3;
422
423 seg->s_ops = &segspt_ops;
424 sptd->spt_vp = vp;
425 sptd->spt_amp = amp;
426 sptd->spt_prot = sptcargs->prot;
427 sptd->spt_flags = sptcargs->flags;
428 seg->s_data = (caddr_t)sptd;
429 sptd->spt_ppa = NULL;
430 sptd->spt_ppa_lckcnt = NULL;
431 seg->s_szc = sptcargs->szc;
432 cv_init(&sptd->spt_cv, NULL, CV_DEFAULT, NULL);
433 sptd->spt_gen = 0;
434
435 ANON_LOCK_ENTER(&->a_rwlock, RW_WRITER);
436 if (seg->s_szc > amp->a_szc) {
437 amp->a_szc = seg->s_szc;
438 }
439 ANON_LOCK_EXIT(&->a_rwlock);
440
441 /*
442 * Set policy to affect initial allocation of pages in
443 * anon_map_createpages()
444 */
445 (void) lgrp_shm_policy_set(LGRP_MEM_POLICY_DEFAULT, amp, anon_index,
446 NULL, 0, ptob(npages));
447
448 if (sptcargs->flags & SHM_PAGEABLE) {
449 size_t share_sz;
450 pgcnt_t new_npgs, more_pgs;
451 struct anon_hdr *nahp;
452 zone_t *zone;
453
454 share_sz = page_get_pagesize(seg->s_szc);
455 if (!IS_P2ALIGNED(amp->size, share_sz)) {
456 /*
457 * We are rounding up the size of the anon array
458 * on 4 M boundary because we always create 4 M
459 * of page(s) when locking, faulting pages and we
460 * don't have to check for all corner cases e.g.
461 * if there is enough space to allocate 4 M
462 * page.
463 */
464 new_npgs = btop(P2ROUNDUP(amp->size, share_sz));
465 more_pgs = new_npgs - npages;
466
467 /*
468 * The zone will never be NULL, as a fully created
469 * shm always has an owning zone.
470 */
471 zone = sp->shm_perm.ipc_zone_ref.zref_zone;
472 ASSERT(zone != NULL);
473 if (anon_resv_zone(ptob(more_pgs), zone) == 0) {
474 err = ENOMEM;
475 goto out4;
476 }
477
478 nahp = anon_create(new_npgs, ANON_SLEEP);
479 ANON_LOCK_ENTER(&->a_rwlock, RW_WRITER);
480 (void) anon_copy_ptr(amp->ahp, 0, nahp, 0, npages,
481 ANON_SLEEP);
482 anon_release(amp->ahp, npages);
483 amp->ahp = nahp;
484 ASSERT(amp->swresv == ptob(npages));
485 amp->swresv = amp->size = ptob(new_npgs);
486 ANON_LOCK_EXIT(&->a_rwlock);
487 npages = new_npgs;
488 }
489
490 sptd->spt_ppa_lckcnt = kmem_zalloc(npages *
491 sizeof (*sptd->spt_ppa_lckcnt), KM_SLEEP);
492 sptd->spt_pcachecnt = 0;
493 sptd->spt_realsize = ptob(npages);
494 sptcargs->seg_spt = seg;
495 return (0);
496 }
497
498 /*
499 * get array of pages for each anon slot in amp
500 */
501 if ((err = anon_map_createpages(amp, anon_index, ptob(npages), ppa,
502 seg, addr, S_CREATE, cred)) != 0)
503 goto out4;
504
505 mutex_enter(&sp->shm_mlock);
506
507 /* May be partially locked, so, count bytes to charge for locking */
508 for (i = 0; i < npages; i++)
509 if (ppa[i]->p_lckcnt == 0)
510 lockedbytes += PAGESIZE;
511
512 proj = sp->shm_perm.ipc_proj;
513
514 if (lockedbytes > 0) {
515 mutex_enter(&procp->p_lock);
516 if (rctl_incr_locked_mem(procp, proj, lockedbytes, 0)) {
517 mutex_exit(&procp->p_lock);
518 mutex_exit(&sp->shm_mlock);
519 for (i = 0; i < npages; i++)
520 page_unlock(ppa[i]);
521 err = ENOMEM;
522 goto out4;
523 }
524 mutex_exit(&procp->p_lock);
525 }
526
527 /*
528 * addr is initial address corresponding to the first page on ppa list
529 */
530 for (i = 0; i < npages; i++) {
531 /* attempt to lock all pages */
532 if (page_pp_lock(ppa[i], 0, 1) == 0) {
533 /*
534 * if unable to lock any page, unlock all
535 * of them and return error
536 */
537 for (j = 0; j < i; j++)
538 page_pp_unlock(ppa[j], 0, 1);
539 for (i = 0; i < npages; i++)
540 page_unlock(ppa[i]);
541 rctl_decr_locked_mem(NULL, proj, lockedbytes, 0);
542 mutex_exit(&sp->shm_mlock);
543 err = ENOMEM;
544 goto out4;
545 }
546 }
547 mutex_exit(&sp->shm_mlock);
548
549 /*
550 * Some platforms assume that ISM mappings are HAT_LOAD_LOCK
551 * for the entire life of the segment. For example platforms
552 * that do not support Dynamic Reconfiguration.
553 */
554 hat_flags = HAT_LOAD_SHARE;
555 if (!hat_supported(HAT_DYNAMIC_ISM_UNMAP, NULL))
556 hat_flags |= HAT_LOAD_LOCK;
557
558 /*
559 * Load translations one lare page at a time
560 * to make sure we don't create mappings bigger than
561 * segment's size code in case underlying pages
562 * are shared with segvn's segment that uses bigger
563 * size code than we do.
564 */
565 pgsz = page_get_pagesize(seg->s_szc);
566 pgcnt = page_get_pagecnt(seg->s_szc);
567 for (a = addr, pidx = 0; pidx < npages; a += pgsz, pidx += pgcnt) {
568 sz = MIN(pgsz, ptob(npages - pidx));
569 hat_memload_array(seg->s_as->a_hat, a, sz,
570 &ppa[pidx], sptd->spt_prot, hat_flags);
571 }
572
573 /*
574 * On platforms that do not support HAT_DYNAMIC_ISM_UNMAP,
575 * we will leave the pages locked SE_SHARED for the life
576 * of the ISM segment. This will prevent any calls to
577 * hat_pageunload() on this ISM segment for those platforms.
578 */
579 if (!(hat_flags & HAT_LOAD_LOCK)) {
580 /*
581 * On platforms that support HAT_DYNAMIC_ISM_UNMAP,
582 * we no longer need to hold the SE_SHARED lock on the pages,
583 * since L_PAGELOCK and F_SOFTLOCK calls will grab the
584 * SE_SHARED lock on the pages as necessary.
585 */
586 for (i = 0; i < npages; i++)
587 page_unlock(ppa[i]);
588 }
589 sptd->spt_pcachecnt = 0;
590 kmem_free(ppa, ((sizeof (page_t *)) * npages));
591 sptd->spt_realsize = ptob(npages);
592 atomic_add_long(&spt_used, npages);
593 sptcargs->seg_spt = seg;
594 return (0);
595
596 out4:
597 seg->s_data = NULL;
598 kmem_free(vp, sizeof (*vp));
599 cv_destroy(&sptd->spt_cv);
600 out3:
601 mutex_destroy(&sptd->spt_lock);
602 if ((sptcargs->flags & SHM_PAGEABLE) == 0)
603 kmem_free(ppa, (sizeof (*ppa) * npages));
604 out2:
605 kmem_free(sptd, sizeof (*sptd));
606 out1:
607 if ((sptcargs->flags & SHM_PAGEABLE) == 0)
608 anon_swap_restore(npages);
609 return (err);
610 }
611
612 /*ARGSUSED*/
613 void
614 segspt_free_pages(struct seg *seg, caddr_t addr, size_t len)
615 {
616 struct page *pp;
617 struct spt_data *sptd = (struct spt_data *)seg->s_data;
618 pgcnt_t npages;
619 ulong_t anon_idx;
620 struct anon_map *amp;
621 struct anon *ap;
622 struct vnode *vp;
623 u_offset_t off;
624 uint_t hat_flags;
625 int root = 0;
626 pgcnt_t pgs, curnpgs = 0;
627 page_t *rootpp;
628 rctl_qty_t unlocked_bytes = 0;
629 kproject_t *proj;
630 kshmid_t *sp;
631
632 ASSERT(seg->s_as && AS_WRITE_HELD(seg->s_as, &seg->s_as->a_lock));
633
634 len = P2ROUNDUP(len, PAGESIZE);
635
636 npages = btop(len);
637
638 hat_flags = HAT_UNLOAD_UNLOCK | HAT_UNLOAD_UNMAP;
639 if ((hat_supported(HAT_DYNAMIC_ISM_UNMAP, (void *)0)) ||
640 (sptd->spt_flags & SHM_PAGEABLE)) {
641 hat_flags = HAT_UNLOAD_UNMAP;
642 }
643
644 hat_unload(seg->s_as->a_hat, addr, len, hat_flags);
645
646 amp = sptd->spt_amp;
647 if (sptd->spt_flags & SHM_PAGEABLE)
648 npages = btop(amp->size);
649
650 ASSERT(amp != NULL);
651
652 if ((sptd->spt_flags & SHM_PAGEABLE) == 0) {
653 sp = amp->a_sp;
654 proj = sp->shm_perm.ipc_proj;
655 mutex_enter(&sp->shm_mlock);
656 }
657 for (anon_idx = 0; anon_idx < npages; anon_idx++) {
658 if ((sptd->spt_flags & SHM_PAGEABLE) == 0) {
659 if ((ap = anon_get_ptr(amp->ahp, anon_idx)) == NULL) {
660 panic("segspt_free_pages: null app");
661 /*NOTREACHED*/
662 }
663 } else {
664 if ((ap = anon_get_next_ptr(amp->ahp, &anon_idx))
665 == NULL)
666 continue;
667 }
668 ASSERT(ANON_ISBUSY(anon_get_slot(amp->ahp, anon_idx)) == 0);
669 swap_xlate(ap, &vp, &off);
670
671 /*
672 * If this platform supports HAT_DYNAMIC_ISM_UNMAP,
673 * the pages won't be having SE_SHARED lock at this
674 * point.
675 *
676 * On platforms that do not support HAT_DYNAMIC_ISM_UNMAP,
677 * the pages are still held SE_SHARED locked from the
678 * original segspt_create()
679 *
680 * Our goal is to get SE_EXCL lock on each page, remove
681 * permanent lock on it and invalidate the page.
682 */
683 if ((sptd->spt_flags & SHM_PAGEABLE) == 0) {
684 if (hat_flags == HAT_UNLOAD_UNMAP)
685 pp = page_lookup(vp, off, SE_EXCL);
686 else {
687 if ((pp = page_find(vp, off)) == NULL) {
688 panic("segspt_free_pages: "
689 "page not locked");
690 /*NOTREACHED*/
691 }
692 if (!page_tryupgrade(pp)) {
693 page_unlock(pp);
694 pp = page_lookup(vp, off, SE_EXCL);
695 }
696 }
697 if (pp == NULL) {
698 panic("segspt_free_pages: "
699 "page not in the system");
700 /*NOTREACHED*/
701 }
702 ASSERT(pp->p_lckcnt > 0);
703 page_pp_unlock(pp, 0, 1);
704 if (pp->p_lckcnt == 0)
705 unlocked_bytes += PAGESIZE;
706 } else {
707 if ((pp = page_lookup(vp, off, SE_EXCL)) == NULL)
708 continue;
709 }
710 /*
711 * It's logical to invalidate the pages here as in most cases
712 * these were created by segspt.
713 */
714 if (pp->p_szc != 0) {
715 if (root == 0) {
716 ASSERT(curnpgs == 0);
717 root = 1;
718 rootpp = pp;
719 pgs = curnpgs = page_get_pagecnt(pp->p_szc);
720 ASSERT(pgs > 1);
721 ASSERT(IS_P2ALIGNED(pgs, pgs));
722 ASSERT(!(page_pptonum(pp) & (pgs - 1)));
723 curnpgs--;
724 } else if ((page_pptonum(pp) & (pgs - 1)) == pgs - 1) {
725 ASSERT(curnpgs == 1);
726 ASSERT(page_pptonum(pp) ==
727 page_pptonum(rootpp) + (pgs - 1));
728 page_destroy_pages(rootpp);
729 root = 0;
730 curnpgs = 0;
731 } else {
732 ASSERT(curnpgs > 1);
733 ASSERT(page_pptonum(pp) ==
734 page_pptonum(rootpp) + (pgs - curnpgs));
735 curnpgs--;
736 }
737 } else {
738 if (root != 0 || curnpgs != 0) {
739 panic("segspt_free_pages: bad large page");
740 /*NOTREACHED*/
741 }
742 /*
743 * Before destroying the pages, we need to take care
744 * of the rctl locked memory accounting. For that
745 * we need to calculte the unlocked_bytes.
746 */
747 if (pp->p_lckcnt > 0)
748 unlocked_bytes += PAGESIZE;
749 /*LINTED: constant in conditional context */
750 VN_DISPOSE(pp, B_INVAL, 0, kcred);
751 }
752 }
753 if ((sptd->spt_flags & SHM_PAGEABLE) == 0) {
754 if (unlocked_bytes > 0)
755 rctl_decr_locked_mem(NULL, proj, unlocked_bytes, 0);
756 mutex_exit(&sp->shm_mlock);
757 }
758 if (root != 0 || curnpgs != 0) {
759 panic("segspt_free_pages: bad large page");
760 /*NOTREACHED*/
761 }
762
763 /*
764 * mark that pages have been released
765 */
766 sptd->spt_realsize = 0;
767
768 if ((sptd->spt_flags & SHM_PAGEABLE) == 0) {
769 atomic_add_long(&spt_used, -npages);
770 anon_swap_restore(npages);
771 }
772 }
773
774 /*
775 * Get memory allocation policy info for specified address in given segment
776 */
777 static lgrp_mem_policy_info_t *
778 segspt_getpolicy(struct seg *seg, caddr_t addr)
779 {
780 struct anon_map *amp;
781 ulong_t anon_index;
782 lgrp_mem_policy_info_t *policy_info;
783 struct spt_data *spt_data;
784
785 ASSERT(seg != NULL);
786
787 /*
788 * Get anon_map from segspt
789 *
790 * Assume that no lock needs to be held on anon_map, since
791 * it should be protected by its reference count which must be
792 * nonzero for an existing segment
793 * Need to grab readers lock on policy tree though
794 */
795 spt_data = (struct spt_data *)seg->s_data;
796 if (spt_data == NULL)
797 return (NULL);
798 amp = spt_data->spt_amp;
799 ASSERT(amp->refcnt != 0);
800
801 /*
802 * Get policy info
803 *
804 * Assume starting anon index of 0
805 */
806 anon_index = seg_page(seg, addr);
807 policy_info = lgrp_shm_policy_get(amp, anon_index, NULL, 0);
808
809 return (policy_info);
810 }
811
812 /*
813 * DISM only.
814 * Return locked pages over a given range.
815 *
816 * We will cache all DISM locked pages and save the pplist for the
817 * entire segment in the ppa field of the underlying DISM segment structure.
818 * Later, during a call to segspt_reclaim() we will use this ppa array
819 * to page_unlock() all of the pages and then we will free this ppa list.
820 */
821 /*ARGSUSED*/
822 static int
823 segspt_dismpagelock(struct seg *seg, caddr_t addr, size_t len,
824 struct page ***ppp, enum lock_type type, enum seg_rw rw)
825 {
826 struct shm_data *shmd = (struct shm_data *)seg->s_data;
827 struct seg *sptseg = shmd->shm_sptseg;
828 struct spt_data *sptd = sptseg->s_data;
829 pgcnt_t pg_idx, npages, tot_npages, npgs;
830 struct page **pplist, **pl, **ppa, *pp;
831 struct anon_map *amp;
832 spgcnt_t an_idx;
833 int ret = ENOTSUP;
834 uint_t pl_built = 0;
835 struct anon *ap;
836 struct vnode *vp;
837 u_offset_t off;
838 pgcnt_t claim_availrmem = 0;
839 uint_t szc;
840
841 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as, &seg->s_as->a_lock));
842 ASSERT(type == L_PAGELOCK || type == L_PAGEUNLOCK);
843
844 /*
845 * We want to lock/unlock the entire ISM segment. Therefore,
846 * we will be using the underlying sptseg and it's base address
847 * and length for the caching arguments.
848 */
849 ASSERT(sptseg);
850 ASSERT(sptd);
851
852 pg_idx = seg_page(seg, addr);
853 npages = btopr(len);
854
855 /*
856 * check if the request is larger than number of pages covered
857 * by amp
858 */
859 if (pg_idx + npages > btopr(sptd->spt_amp->size)) {
860 *ppp = NULL;
861 return (ENOTSUP);
862 }
863
864 if (type == L_PAGEUNLOCK) {
865 ASSERT(sptd->spt_ppa != NULL);
866
867 seg_pinactive(seg, NULL, seg->s_base, sptd->spt_amp->size,
868 sptd->spt_ppa, S_WRITE, SEGP_FORCE_WIRED, segspt_reclaim);
869
870 /*
871 * If someone is blocked while unmapping, we purge
872 * segment page cache and thus reclaim pplist synchronously
873 * without waiting for seg_pasync_thread. This speeds up
874 * unmapping in cases where munmap(2) is called, while
875 * raw async i/o is still in progress or where a thread
876 * exits on data fault in a multithreaded application.
877 */
878 if ((sptd->spt_flags & DISM_PPA_CHANGED) ||
879 (AS_ISUNMAPWAIT(seg->s_as) &&
880 shmd->shm_softlockcnt > 0)) {
881 segspt_purge(seg);
882 }
883 return (0);
884 }
885
886 /* The L_PAGELOCK case ... */
887
888 if (sptd->spt_flags & DISM_PPA_CHANGED) {
889 segspt_purge(seg);
890 /*
891 * for DISM ppa needs to be rebuild since
892 * number of locked pages could be changed
893 */
894 *ppp = NULL;
895 return (ENOTSUP);
896 }
897
898 /*
899 * First try to find pages in segment page cache, without
900 * holding the segment lock.
901 */
902 pplist = seg_plookup(seg, NULL, seg->s_base, sptd->spt_amp->size,
903 S_WRITE, SEGP_FORCE_WIRED);
904 if (pplist != NULL) {
905 ASSERT(sptd->spt_ppa != NULL);
906 ASSERT(sptd->spt_ppa == pplist);
907 ppa = sptd->spt_ppa;
908 for (an_idx = pg_idx; an_idx < pg_idx + npages; ) {
909 if (ppa[an_idx] == NULL) {
910 seg_pinactive(seg, NULL, seg->s_base,
911 sptd->spt_amp->size, ppa,
912 S_WRITE, SEGP_FORCE_WIRED, segspt_reclaim);
913 *ppp = NULL;
914 return (ENOTSUP);
915 }
916 if ((szc = ppa[an_idx]->p_szc) != 0) {
917 npgs = page_get_pagecnt(szc);
918 an_idx = P2ROUNDUP(an_idx + 1, npgs);
919 } else {
920 an_idx++;
921 }
922 }
923 /*
924 * Since we cache the entire DISM segment, we want to
925 * set ppp to point to the first slot that corresponds
926 * to the requested addr, i.e. pg_idx.
927 */
928 *ppp = &(sptd->spt_ppa[pg_idx]);
929 return (0);
930 }
931
932 mutex_enter(&sptd->spt_lock);
933 /*
934 * try to find pages in segment page cache with mutex
935 */
936 pplist = seg_plookup(seg, NULL, seg->s_base, sptd->spt_amp->size,
937 S_WRITE, SEGP_FORCE_WIRED);
938 if (pplist != NULL) {
939 ASSERT(sptd->spt_ppa != NULL);
940 ASSERT(sptd->spt_ppa == pplist);
941 ppa = sptd->spt_ppa;
942 for (an_idx = pg_idx; an_idx < pg_idx + npages; ) {
943 if (ppa[an_idx] == NULL) {
944 mutex_exit(&sptd->spt_lock);
945 seg_pinactive(seg, NULL, seg->s_base,
946 sptd->spt_amp->size, ppa,
947 S_WRITE, SEGP_FORCE_WIRED, segspt_reclaim);
948 *ppp = NULL;
949 return (ENOTSUP);
950 }
951 if ((szc = ppa[an_idx]->p_szc) != 0) {
952 npgs = page_get_pagecnt(szc);
953 an_idx = P2ROUNDUP(an_idx + 1, npgs);
954 } else {
955 an_idx++;
956 }
957 }
958 /*
959 * Since we cache the entire DISM segment, we want to
960 * set ppp to point to the first slot that corresponds
961 * to the requested addr, i.e. pg_idx.
962 */
963 mutex_exit(&sptd->spt_lock);
964 *ppp = &(sptd->spt_ppa[pg_idx]);
965 return (0);
966 }
967 if (seg_pinsert_check(seg, NULL, seg->s_base, sptd->spt_amp->size,
968 SEGP_FORCE_WIRED) == SEGP_FAIL) {
969 mutex_exit(&sptd->spt_lock);
970 *ppp = NULL;
971 return (ENOTSUP);
972 }
973
974 /*
975 * No need to worry about protections because DISM pages are always rw.
976 */
977 pl = pplist = NULL;
978 amp = sptd->spt_amp;
979
980 /*
981 * Do we need to build the ppa array?
982 */
983 if (sptd->spt_ppa == NULL) {
984 pgcnt_t lpg_cnt = 0;
985
986 pl_built = 1;
987 tot_npages = btopr(sptd->spt_amp->size);
988
989 ASSERT(sptd->spt_pcachecnt == 0);
990 pplist = kmem_zalloc(sizeof (page_t *) * tot_npages, KM_SLEEP);
991 pl = pplist;
992
993 ANON_LOCK_ENTER(&->a_rwlock, RW_WRITER);
994 for (an_idx = 0; an_idx < tot_npages; ) {
995 ap = anon_get_ptr(amp->ahp, an_idx);
996 /*
997 * Cache only mlocked pages. For large pages
998 * if one (constituent) page is mlocked
999 * all pages for that large page
1000 * are cached also. This is for quick
1001 * lookups of ppa array;
1002 */
1003 if ((ap != NULL) && (lpg_cnt != 0 ||
1004 (sptd->spt_ppa_lckcnt[an_idx] != 0))) {
1005
1006 swap_xlate(ap, &vp, &off);
1007 pp = page_lookup(vp, off, SE_SHARED);
1008 ASSERT(pp != NULL);
1009 if (lpg_cnt == 0) {
1010 lpg_cnt++;
1011 /*
1012 * For a small page, we are done --
1013 * lpg_count is reset to 0 below.
1014 *
1015 * For a large page, we are guaranteed
1016 * to find the anon structures of all
1017 * constituent pages and a non-zero
1018 * lpg_cnt ensures that we don't test
1019 * for mlock for these. We are done
1020 * when lpg_count reaches (npgs + 1).
1021 * If we are not the first constituent
1022 * page, restart at the first one.
1023 */
1024 npgs = page_get_pagecnt(pp->p_szc);
1025 if (!IS_P2ALIGNED(an_idx, npgs)) {
1026 an_idx = P2ALIGN(an_idx, npgs);
1027 page_unlock(pp);
1028 continue;
1029 }
1030 }
1031 if (++lpg_cnt > npgs)
1032 lpg_cnt = 0;
1033
1034 /*
1035 * availrmem is decremented only
1036 * for unlocked pages
1037 */
1038 if (sptd->spt_ppa_lckcnt[an_idx] == 0)
1039 claim_availrmem++;
1040 pplist[an_idx] = pp;
1041 }
1042 an_idx++;
1043 }
1044 ANON_LOCK_EXIT(&->a_rwlock);
1045
1046 if (claim_availrmem) {
1047 mutex_enter(&freemem_lock);
1048 if (availrmem < tune.t_minarmem + claim_availrmem) {
1049 mutex_exit(&freemem_lock);
1050 ret = ENOTSUP;
1051 claim_availrmem = 0;
1052 goto insert_fail;
1053 } else {
1054 availrmem -= claim_availrmem;
1055 }
1056 mutex_exit(&freemem_lock);
1057 }
1058
1059 sptd->spt_ppa = pl;
1060 } else {
1061 /*
1062 * We already have a valid ppa[].
1063 */
1064 pl = sptd->spt_ppa;
1065 }
1066
1067 ASSERT(pl != NULL);
1068
1069 ret = seg_pinsert(seg, NULL, seg->s_base, sptd->spt_amp->size,
1070 sptd->spt_amp->size, pl, S_WRITE, SEGP_FORCE_WIRED,
1071 segspt_reclaim);
1072 if (ret == SEGP_FAIL) {
1073 /*
1074 * seg_pinsert failed. We return
1075 * ENOTSUP, so that the as_pagelock() code will
1076 * then try the slower F_SOFTLOCK path.
1077 */
1078 if (pl_built) {
1079 /*
1080 * No one else has referenced the ppa[].
1081 * We created it and we need to destroy it.
1082 */
1083 sptd->spt_ppa = NULL;
1084 }
1085 ret = ENOTSUP;
1086 goto insert_fail;
1087 }
1088
1089 /*
1090 * In either case, we increment softlockcnt on the 'real' segment.
1091 */
1092 sptd->spt_pcachecnt++;
1093 atomic_inc_ulong((ulong_t *)(&(shmd->shm_softlockcnt)));
1094
1095 ppa = sptd->spt_ppa;
1096 for (an_idx = pg_idx; an_idx < pg_idx + npages; ) {
1097 if (ppa[an_idx] == NULL) {
1098 mutex_exit(&sptd->spt_lock);
1099 seg_pinactive(seg, NULL, seg->s_base,
1100 sptd->spt_amp->size,
1101 pl, S_WRITE, SEGP_FORCE_WIRED, segspt_reclaim);
1102 *ppp = NULL;
1103 return (ENOTSUP);
1104 }
1105 if ((szc = ppa[an_idx]->p_szc) != 0) {
1106 npgs = page_get_pagecnt(szc);
1107 an_idx = P2ROUNDUP(an_idx + 1, npgs);
1108 } else {
1109 an_idx++;
1110 }
1111 }
1112 /*
1113 * We can now drop the sptd->spt_lock since the ppa[]
1114 * exists and he have incremented pacachecnt.
1115 */
1116 mutex_exit(&sptd->spt_lock);
1117
1118 /*
1119 * Since we cache the entire segment, we want to
1120 * set ppp to point to the first slot that corresponds
1121 * to the requested addr, i.e. pg_idx.
1122 */
1123 *ppp = &(sptd->spt_ppa[pg_idx]);
1124 return (0);
1125
1126 insert_fail:
1127 /*
1128 * We will only reach this code if we tried and failed.
1129 *
1130 * And we can drop the lock on the dummy seg, once we've failed
1131 * to set up a new ppa[].
1132 */
1133 mutex_exit(&sptd->spt_lock);
1134
1135 if (pl_built) {
1136 if (claim_availrmem) {
1137 mutex_enter(&freemem_lock);
1138 availrmem += claim_availrmem;
1139 mutex_exit(&freemem_lock);
1140 }
1141
1142 /*
1143 * We created pl and we need to destroy it.
1144 */
1145 pplist = pl;
1146 for (an_idx = 0; an_idx < tot_npages; an_idx++) {
1147 if (pplist[an_idx] != NULL)
1148 page_unlock(pplist[an_idx]);
1149 }
1150 kmem_free(pl, sizeof (page_t *) * tot_npages);
1151 }
1152
1153 if (shmd->shm_softlockcnt <= 0) {
1154 if (AS_ISUNMAPWAIT(seg->s_as)) {
1155 mutex_enter(&seg->s_as->a_contents);
1156 if (AS_ISUNMAPWAIT(seg->s_as)) {
1157 AS_CLRUNMAPWAIT(seg->s_as);
1158 cv_broadcast(&seg->s_as->a_cv);
1159 }
1160 mutex_exit(&seg->s_as->a_contents);
1161 }
1162 }
1163 *ppp = NULL;
1164 return (ret);
1165 }
1166
1167
1168
1169 /*
1170 * return locked pages over a given range.
1171 *
1172 * We will cache the entire ISM segment and save the pplist for the
1173 * entire segment in the ppa field of the underlying ISM segment structure.
1174 * Later, during a call to segspt_reclaim() we will use this ppa array
1175 * to page_unlock() all of the pages and then we will free this ppa list.
1176 */
1177 /*ARGSUSED*/
1178 static int
1179 segspt_shmpagelock(struct seg *seg, caddr_t addr, size_t len,
1180 struct page ***ppp, enum lock_type type, enum seg_rw rw)
1181 {
1182 struct shm_data *shmd = (struct shm_data *)seg->s_data;
1183 struct seg *sptseg = shmd->shm_sptseg;
1184 struct spt_data *sptd = sptseg->s_data;
1185 pgcnt_t np, page_index, npages;
1186 caddr_t a, spt_base;
1187 struct page **pplist, **pl, *pp;
1188 struct anon_map *amp;
1189 ulong_t anon_index;
1190 int ret = ENOTSUP;
1191 uint_t pl_built = 0;
1192 struct anon *ap;
1193 struct vnode *vp;
1194 u_offset_t off;
1195
1196 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as, &seg->s_as->a_lock));
1197 ASSERT(type == L_PAGELOCK || type == L_PAGEUNLOCK);
1198
1199
1200 /*
1201 * We want to lock/unlock the entire ISM segment. Therefore,
1202 * we will be using the underlying sptseg and it's base address
1203 * and length for the caching arguments.
1204 */
1205 ASSERT(sptseg);
1206 ASSERT(sptd);
1207
1208 if (sptd->spt_flags & SHM_PAGEABLE) {
1209 return (segspt_dismpagelock(seg, addr, len, ppp, type, rw));
1210 }
1211
1212 page_index = seg_page(seg, addr);
1213 npages = btopr(len);
1214
1215 /*
1216 * check if the request is larger than number of pages covered
1217 * by amp
1218 */
1219 if (page_index + npages > btopr(sptd->spt_amp->size)) {
1220 *ppp = NULL;
1221 return (ENOTSUP);
1222 }
1223
1224 if (type == L_PAGEUNLOCK) {
1225
1226 ASSERT(sptd->spt_ppa != NULL);
1227
1228 seg_pinactive(seg, NULL, seg->s_base, sptd->spt_amp->size,
1229 sptd->spt_ppa, S_WRITE, SEGP_FORCE_WIRED, segspt_reclaim);
1230
1231 /*
1232 * If someone is blocked while unmapping, we purge
1233 * segment page cache and thus reclaim pplist synchronously
1234 * without waiting for seg_pasync_thread. This speeds up
1235 * unmapping in cases where munmap(2) is called, while
1236 * raw async i/o is still in progress or where a thread
1237 * exits on data fault in a multithreaded application.
1238 */
1239 if (AS_ISUNMAPWAIT(seg->s_as) && (shmd->shm_softlockcnt > 0)) {
1240 segspt_purge(seg);
1241 }
1242 return (0);
1243 }
1244
1245 /* The L_PAGELOCK case... */
1246
1247 /*
1248 * First try to find pages in segment page cache, without
1249 * holding the segment lock.
1250 */
1251 pplist = seg_plookup(seg, NULL, seg->s_base, sptd->spt_amp->size,
1252 S_WRITE, SEGP_FORCE_WIRED);
1253 if (pplist != NULL) {
1254 ASSERT(sptd->spt_ppa == pplist);
1255 ASSERT(sptd->spt_ppa[page_index]);
1256 /*
1257 * Since we cache the entire ISM segment, we want to
1258 * set ppp to point to the first slot that corresponds
1259 * to the requested addr, i.e. page_index.
1260 */
1261 *ppp = &(sptd->spt_ppa[page_index]);
1262 return (0);
1263 }
1264
1265 mutex_enter(&sptd->spt_lock);
1266
1267 /*
1268 * try to find pages in segment page cache
1269 */
1270 pplist = seg_plookup(seg, NULL, seg->s_base, sptd->spt_amp->size,
1271 S_WRITE, SEGP_FORCE_WIRED);
1272 if (pplist != NULL) {
1273 ASSERT(sptd->spt_ppa == pplist);
1274 /*
1275 * Since we cache the entire segment, we want to
1276 * set ppp to point to the first slot that corresponds
1277 * to the requested addr, i.e. page_index.
1278 */
1279 mutex_exit(&sptd->spt_lock);
1280 *ppp = &(sptd->spt_ppa[page_index]);
1281 return (0);
1282 }
1283
1284 if (seg_pinsert_check(seg, NULL, seg->s_base, sptd->spt_amp->size,
1285 SEGP_FORCE_WIRED) == SEGP_FAIL) {
1286 mutex_exit(&sptd->spt_lock);
1287 *ppp = NULL;
1288 return (ENOTSUP);
1289 }
1290
1291 /*
1292 * No need to worry about protections because ISM pages
1293 * are always rw.
1294 */
1295 pl = pplist = NULL;
1296
1297 /*
1298 * Do we need to build the ppa array?
1299 */
1300 if (sptd->spt_ppa == NULL) {
1301 ASSERT(sptd->spt_ppa == pplist);
1302
1303 spt_base = sptseg->s_base;
1304 pl_built = 1;
1305
1306 /*
1307 * availrmem is decremented once during anon_swap_adjust()
1308 * and is incremented during the anon_unresv(), which is
1309 * called from shm_rm_amp() when the segment is destroyed.
1310 */
1311 amp = sptd->spt_amp;
1312 ASSERT(amp != NULL);
1313
1314 /* pcachecnt is protected by sptd->spt_lock */
1315 ASSERT(sptd->spt_pcachecnt == 0);
1316 pplist = kmem_zalloc(sizeof (page_t *)
1317 * btopr(sptd->spt_amp->size), KM_SLEEP);
1318 pl = pplist;
1319
1320 anon_index = seg_page(sptseg, spt_base);
1321
1322 ANON_LOCK_ENTER(&->a_rwlock, RW_WRITER);
1323 for (a = spt_base; a < (spt_base + sptd->spt_amp->size);
1324 a += PAGESIZE, anon_index++, pplist++) {
1325 ap = anon_get_ptr(amp->ahp, anon_index);
1326 ASSERT(ap != NULL);
1327 swap_xlate(ap, &vp, &off);
1328 pp = page_lookup(vp, off, SE_SHARED);
1329 ASSERT(pp != NULL);
1330 *pplist = pp;
1331 }
1332 ANON_LOCK_EXIT(&->a_rwlock);
1333
1334 if (a < (spt_base + sptd->spt_amp->size)) {
1335 ret = ENOTSUP;
1336 goto insert_fail;
1337 }
1338 sptd->spt_ppa = pl;
1339 } else {
1340 /*
1341 * We already have a valid ppa[].
1342 */
1343 pl = sptd->spt_ppa;
1344 }
1345
1346 ASSERT(pl != NULL);
1347
1348 ret = seg_pinsert(seg, NULL, seg->s_base, sptd->spt_amp->size,
1349 sptd->spt_amp->size, pl, S_WRITE, SEGP_FORCE_WIRED,
1350 segspt_reclaim);
1351 if (ret == SEGP_FAIL) {
1352 /*
1353 * seg_pinsert failed. We return
1354 * ENOTSUP, so that the as_pagelock() code will
1355 * then try the slower F_SOFTLOCK path.
1356 */
1357 if (pl_built) {
1358 /*
1359 * No one else has referenced the ppa[].
1360 * We created it and we need to destroy it.
1361 */
1362 sptd->spt_ppa = NULL;
1363 }
1364 ret = ENOTSUP;
1365 goto insert_fail;
1366 }
1367
1368 /*
1369 * In either case, we increment softlockcnt on the 'real' segment.
1370 */
1371 sptd->spt_pcachecnt++;
1372 atomic_inc_ulong((ulong_t *)(&(shmd->shm_softlockcnt)));
1373
1374 /*
1375 * We can now drop the sptd->spt_lock since the ppa[]
1376 * exists and he have incremented pacachecnt.
1377 */
1378 mutex_exit(&sptd->spt_lock);
1379
1380 /*
1381 * Since we cache the entire segment, we want to
1382 * set ppp to point to the first slot that corresponds
1383 * to the requested addr, i.e. page_index.
1384 */
1385 *ppp = &(sptd->spt_ppa[page_index]);
1386 return (0);
1387
1388 insert_fail:
1389 /*
1390 * We will only reach this code if we tried and failed.
1391 *
1392 * And we can drop the lock on the dummy seg, once we've failed
1393 * to set up a new ppa[].
1394 */
1395 mutex_exit(&sptd->spt_lock);
1396
1397 if (pl_built) {
1398 /*
1399 * We created pl and we need to destroy it.
1400 */
1401 pplist = pl;
1402 np = (((uintptr_t)(a - spt_base)) >> PAGESHIFT);
1403 while (np) {
1404 page_unlock(*pplist);
1405 np--;
1406 pplist++;
1407 }
1408 kmem_free(pl, sizeof (page_t *) * btopr(sptd->spt_amp->size));
1409 }
1410 if (shmd->shm_softlockcnt <= 0) {
1411 if (AS_ISUNMAPWAIT(seg->s_as)) {
1412 mutex_enter(&seg->s_as->a_contents);
1413 if (AS_ISUNMAPWAIT(seg->s_as)) {
1414 AS_CLRUNMAPWAIT(seg->s_as);
1415 cv_broadcast(&seg->s_as->a_cv);
1416 }
1417 mutex_exit(&seg->s_as->a_contents);
1418 }
1419 }
1420 *ppp = NULL;
1421 return (ret);
1422 }
1423
1424 /*
1425 * purge any cached pages in the I/O page cache
1426 */
1427 static void
1428 segspt_purge(struct seg *seg)
1429 {
1430 seg_ppurge(seg, NULL, SEGP_FORCE_WIRED);
1431 }
1432
1433 static int
1434 segspt_reclaim(void *ptag, caddr_t addr, size_t len, struct page **pplist,
1435 enum seg_rw rw, int async)
1436 {
1437 struct seg *seg = (struct seg *)ptag;
1438 struct shm_data *shmd = (struct shm_data *)seg->s_data;
1439 struct seg *sptseg;
1440 struct spt_data *sptd;
1441 pgcnt_t npages, i, free_availrmem = 0;
1442 int done = 0;
1443
1444 #ifdef lint
1445 addr = addr;
1446 #endif
1447 sptseg = shmd->shm_sptseg;
1448 sptd = sptseg->s_data;
1449 npages = (len >> PAGESHIFT);
1450 ASSERT(npages);
1451 ASSERT(sptd->spt_pcachecnt != 0);
1452 ASSERT(sptd->spt_ppa == pplist);
1453 ASSERT(npages == btopr(sptd->spt_amp->size));
1454 ASSERT(async || AS_LOCK_HELD(seg->s_as, &seg->s_as->a_lock));
1455
1456 /*
1457 * Acquire the lock on the dummy seg and destroy the
1458 * ppa array IF this is the last pcachecnt.
1459 */
1460 mutex_enter(&sptd->spt_lock);
1461 if (--sptd->spt_pcachecnt == 0) {
1462 for (i = 0; i < npages; i++) {
1463 if (pplist[i] == NULL) {
1464 continue;
1465 }
1466 if (rw == S_WRITE) {
1467 hat_setrefmod(pplist[i]);
1468 } else {
1469 hat_setref(pplist[i]);
1470 }
1471 if ((sptd->spt_flags & SHM_PAGEABLE) &&
1472 (sptd->spt_ppa_lckcnt[i] == 0))
1473 free_availrmem++;
1474 page_unlock(pplist[i]);
1475 }
1476 if ((sptd->spt_flags & SHM_PAGEABLE) && free_availrmem) {
1477 mutex_enter(&freemem_lock);
1478 availrmem += free_availrmem;
1479 mutex_exit(&freemem_lock);
1480 }
1481 /*
1482 * Since we want to cach/uncache the entire ISM segment,
1483 * we will track the pplist in a segspt specific field
1484 * ppa, that is initialized at the time we add an entry to
1485 * the cache.
1486 */
1487 ASSERT(sptd->spt_pcachecnt == 0);
1488 kmem_free(pplist, sizeof (page_t *) * npages);
1489 sptd->spt_ppa = NULL;
1490 sptd->spt_flags &= ~DISM_PPA_CHANGED;
1491 sptd->spt_gen++;
1492 cv_broadcast(&sptd->spt_cv);
1493 done = 1;
1494 }
1495 mutex_exit(&sptd->spt_lock);
1496
1497 /*
1498 * If we are pcache async thread or called via seg_ppurge_wiredpp() we
1499 * may not hold AS lock (in this case async argument is not 0). This
1500 * means if softlockcnt drops to 0 after the decrement below address
1501 * space may get freed. We can't allow it since after softlock
1502 * derement to 0 we still need to access as structure for possible
1503 * wakeup of unmap waiters. To prevent the disappearance of as we take
1504 * this segment's shm_segfree_syncmtx. segspt_shmfree() also takes
1505 * this mutex as a barrier to make sure this routine completes before
1506 * segment is freed.
1507 *
1508 * The second complication we have to deal with in async case is a
1509 * possibility of missed wake up of unmap wait thread. When we don't
1510 * hold as lock here we may take a_contents lock before unmap wait
1511 * thread that was first to see softlockcnt was still not 0. As a
1512 * result we'll fail to wake up an unmap wait thread. To avoid this
1513 * race we set nounmapwait flag in as structure if we drop softlockcnt
1514 * to 0 if async is not 0. unmapwait thread
1515 * will not block if this flag is set.
1516 */
1517 if (async)
1518 mutex_enter(&shmd->shm_segfree_syncmtx);
1519
1520 /*
1521 * Now decrement softlockcnt.
1522 */
1523 ASSERT(shmd->shm_softlockcnt > 0);
1524 atomic_dec_ulong((ulong_t *)(&(shmd->shm_softlockcnt)));
1525
1526 if (shmd->shm_softlockcnt <= 0) {
1527 if (async || AS_ISUNMAPWAIT(seg->s_as)) {
1528 mutex_enter(&seg->s_as->a_contents);
1529 if (async)
1530 AS_SETNOUNMAPWAIT(seg->s_as);
1531 if (AS_ISUNMAPWAIT(seg->s_as)) {
1532 AS_CLRUNMAPWAIT(seg->s_as);
1533 cv_broadcast(&seg->s_as->a_cv);
1534 }
1535 mutex_exit(&seg->s_as->a_contents);
1536 }
1537 }
1538
1539 if (async)
1540 mutex_exit(&shmd->shm_segfree_syncmtx);
1541
1542 return (done);
1543 }
1544
1545 /*
1546 * Do a F_SOFTUNLOCK call over the range requested.
1547 * The range must have already been F_SOFTLOCK'ed.
1548 *
1549 * The calls to acquire and release the anon map lock mutex were
1550 * removed in order to avoid a deadly embrace during a DR
1551 * memory delete operation. (Eg. DR blocks while waiting for a
1552 * exclusive lock on a page that is being used for kaio; the
1553 * thread that will complete the kaio and call segspt_softunlock
1554 * blocks on the anon map lock; another thread holding the anon
1555 * map lock blocks on another page lock via the segspt_shmfault
1556 * -> page_lookup -> page_lookup_create -> page_lock_es code flow.)
1557 *
1558 * The appropriateness of the removal is based upon the following:
1559 * 1. If we are holding a segment's reader lock and the page is held
1560 * shared, then the corresponding element in anonmap which points to
1561 * anon struct cannot change and there is no need to acquire the
1562 * anonymous map lock.
1563 * 2. Threads in segspt_softunlock have a reader lock on the segment
1564 * and already have the shared page lock, so we are guaranteed that
1565 * the anon map slot cannot change and therefore can call anon_get_ptr()
1566 * without grabbing the anonymous map lock.
1567 * 3. Threads that softlock a shared page break copy-on-write, even if
1568 * its a read. Thus cow faults can be ignored with respect to soft
1569 * unlocking, since the breaking of cow means that the anon slot(s) will
1570 * not be shared.
1571 */
1572 static void
1573 segspt_softunlock(struct seg *seg, caddr_t sptseg_addr,
1574 size_t len, enum seg_rw rw)
1575 {
1576 struct shm_data *shmd = (struct shm_data *)seg->s_data;
1577 struct seg *sptseg;
1578 struct spt_data *sptd;
1579 page_t *pp;
1580 caddr_t adr;
1581 struct vnode *vp;
1582 u_offset_t offset;
1583 ulong_t anon_index;
1584 struct anon_map *amp; /* XXX - for locknest */
1585 struct anon *ap = NULL;
1586 pgcnt_t npages;
1587
1588 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as, &seg->s_as->a_lock));
1589
1590 sptseg = shmd->shm_sptseg;
1591 sptd = sptseg->s_data;
1592
1593 /*
1594 * Some platforms assume that ISM mappings are HAT_LOAD_LOCK
1595 * and therefore their pages are SE_SHARED locked
1596 * for the entire life of the segment.
1597 */
1598 if ((!hat_supported(HAT_DYNAMIC_ISM_UNMAP, (void *)0)) &&
1599 ((sptd->spt_flags & SHM_PAGEABLE) == 0)) {
1600 goto softlock_decrement;
1601 }
1602
1603 /*
1604 * Any thread is free to do a page_find and
1605 * page_unlock() on the pages within this seg.
1606 *
1607 * We are already holding the as->a_lock on the user's
1608 * real segment, but we need to hold the a_lock on the
1609 * underlying dummy as. This is mostly to satisfy the
1610 * underlying HAT layer.
1611 */
1612 AS_LOCK_ENTER(sptseg->s_as, &sptseg->s_as->a_lock, RW_READER);
1613 hat_unlock(sptseg->s_as->a_hat, sptseg_addr, len);
1614 AS_LOCK_EXIT(sptseg->s_as, &sptseg->s_as->a_lock);
1615
1616 amp = sptd->spt_amp;
1617 ASSERT(amp != NULL);
1618 anon_index = seg_page(sptseg, sptseg_addr);
1619
1620 for (adr = sptseg_addr; adr < sptseg_addr + len; adr += PAGESIZE) {
1621 ap = anon_get_ptr(amp->ahp, anon_index++);
1622 ASSERT(ap != NULL);
1623 swap_xlate(ap, &vp, &offset);
1624
1625 /*
1626 * Use page_find() instead of page_lookup() to
1627 * find the page since we know that it has a
1628 * "shared" lock.
1629 */
1630 pp = page_find(vp, offset);
1631 ASSERT(ap == anon_get_ptr(amp->ahp, anon_index - 1));
1632 if (pp == NULL) {
1633 panic("segspt_softunlock: "
1634 "addr %p, ap %p, vp %p, off %llx",
1635 (void *)adr, (void *)ap, (void *)vp, offset);
1636 /*NOTREACHED*/
1637 }
1638
1639 if (rw == S_WRITE) {
1640 hat_setrefmod(pp);
1641 } else if (rw != S_OTHER) {
1642 hat_setref(pp);
1643 }
1644 page_unlock(pp);
1645 }
1646
1647 softlock_decrement:
1648 npages = btopr(len);
1649 ASSERT(shmd->shm_softlockcnt >= npages);
1650 atomic_add_long((ulong_t *)(&(shmd->shm_softlockcnt)), -npages);
1651 if (shmd->shm_softlockcnt == 0) {
1652 /*
1653 * All SOFTLOCKS are gone. Wakeup any waiting
1654 * unmappers so they can try again to unmap.
1655 * Check for waiters first without the mutex
1656 * held so we don't always grab the mutex on
1657 * softunlocks.
1658 */
1659 if (AS_ISUNMAPWAIT(seg->s_as)) {
1660 mutex_enter(&seg->s_as->a_contents);
1661 if (AS_ISUNMAPWAIT(seg->s_as)) {
1662 AS_CLRUNMAPWAIT(seg->s_as);
1663 cv_broadcast(&seg->s_as->a_cv);
1664 }
1665 mutex_exit(&seg->s_as->a_contents);
1666 }
1667 }
1668 }
1669
1670 int
1671 segspt_shmattach(struct seg *seg, caddr_t *argsp)
1672 {
1673 struct shm_data *shmd_arg = (struct shm_data *)argsp;
1674 struct shm_data *shmd;
1675 struct anon_map *shm_amp = shmd_arg->shm_amp;
1676 struct spt_data *sptd;
1677 int error = 0;
1678
1679 ASSERT(seg->s_as && AS_WRITE_HELD(seg->s_as, &seg->s_as->a_lock));
1680
1681 shmd = kmem_zalloc((sizeof (*shmd)), KM_NOSLEEP);
1682 if (shmd == NULL)
1683 return (ENOMEM);
1684
1685 shmd->shm_sptas = shmd_arg->shm_sptas;
1686 shmd->shm_amp = shm_amp;
1687 shmd->shm_sptseg = shmd_arg->shm_sptseg;
1688
1689 (void) lgrp_shm_policy_set(LGRP_MEM_POLICY_DEFAULT, shm_amp, 0,
1690 NULL, 0, seg->s_size);
1691
1692 mutex_init(&shmd->shm_segfree_syncmtx, NULL, MUTEX_DEFAULT, NULL);
1693
1694 seg->s_data = (void *)shmd;
1695 seg->s_ops = &segspt_shmops;
1696 seg->s_szc = shmd->shm_sptseg->s_szc;
1697 sptd = shmd->shm_sptseg->s_data;
1698
1699 if (sptd->spt_flags & SHM_PAGEABLE) {
1700 if ((shmd->shm_vpage = kmem_zalloc(btopr(shm_amp->size),
1701 KM_NOSLEEP)) == NULL) {
1702 seg->s_data = (void *)NULL;
1703 kmem_free(shmd, (sizeof (*shmd)));
1704 return (ENOMEM);
1705 }
1706 shmd->shm_lckpgs = 0;
1707 if (hat_supported(HAT_DYNAMIC_ISM_UNMAP, (void *)0)) {
1708 if ((error = hat_share(seg->s_as->a_hat, seg->s_base,
1709 shmd_arg->shm_sptas->a_hat, SEGSPTADDR,
1710 seg->s_size, seg->s_szc)) != 0) {
1711 kmem_free(shmd->shm_vpage,
1712 btopr(shm_amp->size));
1713 }
1714 }
1715 } else {
1716 error = hat_share(seg->s_as->a_hat, seg->s_base,
1717 shmd_arg->shm_sptas->a_hat, SEGSPTADDR,
1718 seg->s_size, seg->s_szc);
1719 }
1720 if (error) {
1721 seg->s_szc = 0;
1722 seg->s_data = (void *)NULL;
1723 kmem_free(shmd, (sizeof (*shmd)));
1724 } else {
1725 ANON_LOCK_ENTER(&shm_amp->a_rwlock, RW_WRITER);
1726 shm_amp->refcnt++;
1727 ANON_LOCK_EXIT(&shm_amp->a_rwlock);
1728 }
1729 return (error);
1730 }
1731
1732 int
1733 segspt_shmunmap(struct seg *seg, caddr_t raddr, size_t ssize)
1734 {
1735 struct shm_data *shmd = (struct shm_data *)seg->s_data;
1736 int reclaim = 1;
1737
1738 ASSERT(seg->s_as && AS_WRITE_HELD(seg->s_as, &seg->s_as->a_lock));
1739 retry:
1740 if (shmd->shm_softlockcnt > 0) {
1741 if (reclaim == 1) {
1742 segspt_purge(seg);
1743 reclaim = 0;
1744 goto retry;
1745 }
1746 return (EAGAIN);
1747 }
1748
1749 if (ssize != seg->s_size) {
1750 #ifdef DEBUG
1751 cmn_err(CE_WARN, "Incompatible ssize %lx s_size %lx\n",
1752 ssize, seg->s_size);
1753 #endif
1754 return (EINVAL);
1755 }
1756
1757 (void) segspt_shmlockop(seg, raddr, shmd->shm_amp->size, 0, MC_UNLOCK,
1758 NULL, 0);
1759 hat_unshare(seg->s_as->a_hat, raddr, ssize, seg->s_szc);
1760
1761 seg_free(seg);
1762
1763 return (0);
1764 }
1765
1766 void
1767 segspt_shmfree(struct seg *seg)
1768 {
1769 struct shm_data *shmd = (struct shm_data *)seg->s_data;
1770 struct anon_map *shm_amp = shmd->shm_amp;
1771
1772 ASSERT(seg->s_as && AS_WRITE_HELD(seg->s_as, &seg->s_as->a_lock));
1773
1774 (void) segspt_shmlockop(seg, seg->s_base, shm_amp->size, 0,
1775 MC_UNLOCK, NULL, 0);
1776
1777 /*
1778 * Need to increment refcnt when attaching
1779 * and decrement when detaching because of dup().
1780 */
1781 ANON_LOCK_ENTER(&shm_amp->a_rwlock, RW_WRITER);
1782 shm_amp->refcnt--;
1783 ANON_LOCK_EXIT(&shm_amp->a_rwlock);
1784
1785 if (shmd->shm_vpage) { /* only for DISM */
1786 kmem_free(shmd->shm_vpage, btopr(shm_amp->size));
1787 shmd->shm_vpage = NULL;
1788 }
1789
1790 /*
1791 * Take shm_segfree_syncmtx lock to let segspt_reclaim() finish if it's
1792 * still working with this segment without holding as lock.
1793 */
1794 ASSERT(shmd->shm_softlockcnt == 0);
1795 mutex_enter(&shmd->shm_segfree_syncmtx);
1796 mutex_destroy(&shmd->shm_segfree_syncmtx);
1797
1798 kmem_free(shmd, sizeof (*shmd));
1799 }
1800
1801 /*ARGSUSED*/
1802 int
1803 segspt_shmsetprot(struct seg *seg, caddr_t addr, size_t len, uint_t prot)
1804 {
1805 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as, &seg->s_as->a_lock));
1806
1807 /*
1808 * Shared page table is more than shared mapping.
1809 * Individual process sharing page tables can't change prot
1810 * because there is only one set of page tables.
1811 * This will be allowed after private page table is
1812 * supported.
1813 */
1814 /* need to return correct status error? */
1815 return (0);
1816 }
1817
1818
1819 faultcode_t
1820 segspt_dismfault(struct hat *hat, struct seg *seg, caddr_t addr,
1821 size_t len, enum fault_type type, enum seg_rw rw)
1822 {
1823 struct shm_data *shmd = (struct shm_data *)seg->s_data;
1824 struct seg *sptseg = shmd->shm_sptseg;
1825 struct as *curspt = shmd->shm_sptas;
1826 struct spt_data *sptd = sptseg->s_data;
1827 pgcnt_t npages;
1828 size_t size;
1829 caddr_t segspt_addr, shm_addr;
1830 page_t **ppa;
1831 int i;
1832 ulong_t an_idx = 0;
1833 int err = 0;
1834 int dyn_ism_unmap = hat_supported(HAT_DYNAMIC_ISM_UNMAP, (void *)0);
1835 size_t pgsz;
1836 pgcnt_t pgcnt;
1837 caddr_t a;
1838 pgcnt_t pidx;
1839
1840 #ifdef lint
1841 hat = hat;
1842 #endif
1843 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as, &seg->s_as->a_lock));
1844
1845 /*
1846 * Because of the way spt is implemented
1847 * the realsize of the segment does not have to be
1848 * equal to the segment size itself. The segment size is
1849 * often in multiples of a page size larger than PAGESIZE.
1850 * The realsize is rounded up to the nearest PAGESIZE
1851 * based on what the user requested. This is a bit of
1852 * ungliness that is historical but not easily fixed
1853 * without re-designing the higher levels of ISM.
1854 */
1855 ASSERT(addr >= seg->s_base);
1856 if (((addr + len) - seg->s_base) > sptd->spt_realsize)
1857 return (FC_NOMAP);
1858 /*
1859 * For all of the following cases except F_PROT, we need to
1860 * make any necessary adjustments to addr and len
1861 * and get all of the necessary page_t's into an array called ppa[].
1862 *
1863 * The code in shmat() forces base addr and len of ISM segment
1864 * to be aligned to largest page size supported. Therefore,
1865 * we are able to handle F_SOFTLOCK and F_INVAL calls in "large
1866 * pagesize" chunks. We want to make sure that we HAT_LOAD_LOCK
1867 * in large pagesize chunks, or else we will screw up the HAT
1868 * layer by calling hat_memload_array() with differing page sizes
1869 * over a given virtual range.
1870 */
1871 pgsz = page_get_pagesize(sptseg->s_szc);
1872 pgcnt = page_get_pagecnt(sptseg->s_szc);
1873 shm_addr = (caddr_t)P2ALIGN((uintptr_t)(addr), pgsz);
1874 size = P2ROUNDUP((uintptr_t)(((addr + len) - shm_addr)), pgsz);
1875 npages = btopr(size);
1876
1877 /*
1878 * Now we need to convert from addr in segshm to addr in segspt.
1879 */
1880 an_idx = seg_page(seg, shm_addr);
1881 segspt_addr = sptseg->s_base + ptob(an_idx);
1882
1883 ASSERT((segspt_addr + ptob(npages)) <=
1884 (sptseg->s_base + sptd->spt_realsize));
1885 ASSERT(segspt_addr < (sptseg->s_base + sptseg->s_size));
1886
1887 switch (type) {
1888
1889 case F_SOFTLOCK:
1890
1891 atomic_add_long((ulong_t *)(&(shmd->shm_softlockcnt)), npages);
1892 /*
1893 * Fall through to the F_INVAL case to load up the hat layer
1894 * entries with the HAT_LOAD_LOCK flag.
1895 */
1896 /* FALLTHRU */
1897 case F_INVAL:
1898
1899 if ((rw == S_EXEC) && !(sptd->spt_prot & PROT_EXEC))
1900 return (FC_NOMAP);
1901
1902 ppa = kmem_zalloc(npages * sizeof (page_t *), KM_SLEEP);
1903
1904 err = spt_anon_getpages(sptseg, segspt_addr, size, ppa);
1905 if (err != 0) {
1906 if (type == F_SOFTLOCK) {
1907 atomic_add_long((ulong_t *)(
1908 &(shmd->shm_softlockcnt)), -npages);
1909 }
1910 goto dism_err;
1911 }
1912 AS_LOCK_ENTER(sptseg->s_as, &sptseg->s_as->a_lock, RW_READER);
1913 a = segspt_addr;
1914 pidx = 0;
1915 if (type == F_SOFTLOCK) {
1916
1917 /*
1918 * Load up the translation keeping it
1919 * locked and don't unlock the page.
1920 */
1921 for (; pidx < npages; a += pgsz, pidx += pgcnt) {
1922 hat_memload_array(sptseg->s_as->a_hat,
1923 a, pgsz, &ppa[pidx], sptd->spt_prot,
1924 HAT_LOAD_LOCK | HAT_LOAD_SHARE);
1925 }
1926 } else {
1927 if (hat == seg->s_as->a_hat) {
1928
1929 /*
1930 * Migrate pages marked for migration
1931 */
1932 if (lgrp_optimizations())
1933 page_migrate(seg, shm_addr, ppa,
1934 npages);
1935
1936 /* CPU HAT */
1937 for (; pidx < npages;
1938 a += pgsz, pidx += pgcnt) {
1939 hat_memload_array(sptseg->s_as->a_hat,
1940 a, pgsz, &ppa[pidx],
1941 sptd->spt_prot,
1942 HAT_LOAD_SHARE);
1943 }
1944 } else {
1945 /* XHAT. Pass real address */
1946 hat_memload_array(hat, shm_addr,
1947 size, ppa, sptd->spt_prot, HAT_LOAD_SHARE);
1948 }
1949
1950 /*
1951 * And now drop the SE_SHARED lock(s).
1952 */
1953 if (dyn_ism_unmap) {
1954 for (i = 0; i < npages; i++) {
1955 page_unlock(ppa[i]);
1956 }
1957 }
1958 }
1959
1960 if (!dyn_ism_unmap) {
1961 if (hat_share(seg->s_as->a_hat, shm_addr,
1962 curspt->a_hat, segspt_addr, ptob(npages),
1963 seg->s_szc) != 0) {
1964 panic("hat_share err in DISM fault");
1965 /* NOTREACHED */
1966 }
1967 if (type == F_INVAL) {
1968 for (i = 0; i < npages; i++) {
1969 page_unlock(ppa[i]);
1970 }
1971 }
1972 }
1973 AS_LOCK_EXIT(sptseg->s_as, &sptseg->s_as->a_lock);
1974 dism_err:
1975 kmem_free(ppa, npages * sizeof (page_t *));
1976 return (err);
1977
1978 case F_SOFTUNLOCK:
1979
1980 /*
1981 * This is a bit ugly, we pass in the real seg pointer,
1982 * but the segspt_addr is the virtual address within the
1983 * dummy seg.
1984 */
1985 segspt_softunlock(seg, segspt_addr, size, rw);
1986 return (0);
1987
1988 case F_PROT:
1989
1990 /*
1991 * This takes care of the unusual case where a user
1992 * allocates a stack in shared memory and a register
1993 * window overflow is written to that stack page before
1994 * it is otherwise modified.
1995 *
1996 * We can get away with this because ISM segments are
1997 * always rw. Other than this unusual case, there
1998 * should be no instances of protection violations.
1999 */
2000 return (0);
2001
2002 default:
2003 #ifdef DEBUG
2004 panic("segspt_dismfault default type?");
2005 #else
2006 return (FC_NOMAP);
2007 #endif
2008 }
2009 }
2010
2011
2012 faultcode_t
2013 segspt_shmfault(struct hat *hat, struct seg *seg, caddr_t addr,
2014 size_t len, enum fault_type type, enum seg_rw rw)
2015 {
2016 struct shm_data *shmd = (struct shm_data *)seg->s_data;
2017 struct seg *sptseg = shmd->shm_sptseg;
2018 struct as *curspt = shmd->shm_sptas;
2019 struct spt_data *sptd = sptseg->s_data;
2020 pgcnt_t npages;
2021 size_t size;
2022 caddr_t sptseg_addr, shm_addr;
2023 page_t *pp, **ppa;
2024 int i;
2025 u_offset_t offset;
2026 ulong_t anon_index = 0;
2027 struct vnode *vp;
2028 struct anon_map *amp; /* XXX - for locknest */
2029 struct anon *ap = NULL;
2030 size_t pgsz;
2031 pgcnt_t pgcnt;
2032 caddr_t a;
2033 pgcnt_t pidx;
2034 size_t sz;
2035
2036 #ifdef lint
2037 hat = hat;
2038 #endif
2039
2040 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as, &seg->s_as->a_lock));
2041
2042 if (sptd->spt_flags & SHM_PAGEABLE) {
2043 return (segspt_dismfault(hat, seg, addr, len, type, rw));
2044 }
2045
2046 /*
2047 * Because of the way spt is implemented
2048 * the realsize of the segment does not have to be
2049 * equal to the segment size itself. The segment size is
2050 * often in multiples of a page size larger than PAGESIZE.
2051 * The realsize is rounded up to the nearest PAGESIZE
2052 * based on what the user requested. This is a bit of
2053 * ungliness that is historical but not easily fixed
2054 * without re-designing the higher levels of ISM.
2055 */
2056 ASSERT(addr >= seg->s_base);
2057 if (((addr + len) - seg->s_base) > sptd->spt_realsize)
2058 return (FC_NOMAP);
2059 /*
2060 * For all of the following cases except F_PROT, we need to
2061 * make any necessary adjustments to addr and len
2062 * and get all of the necessary page_t's into an array called ppa[].
2063 *
2064 * The code in shmat() forces base addr and len of ISM segment
2065 * to be aligned to largest page size supported. Therefore,
2066 * we are able to handle F_SOFTLOCK and F_INVAL calls in "large
2067 * pagesize" chunks. We want to make sure that we HAT_LOAD_LOCK
2068 * in large pagesize chunks, or else we will screw up the HAT
2069 * layer by calling hat_memload_array() with differing page sizes
2070 * over a given virtual range.
2071 */
2072 pgsz = page_get_pagesize(sptseg->s_szc);
2073 pgcnt = page_get_pagecnt(sptseg->s_szc);
2074 shm_addr = (caddr_t)P2ALIGN((uintptr_t)(addr), pgsz);
2075 size = P2ROUNDUP((uintptr_t)(((addr + len) - shm_addr)), pgsz);
2076 npages = btopr(size);
2077
2078 /*
2079 * Now we need to convert from addr in segshm to addr in segspt.
2080 */
2081 anon_index = seg_page(seg, shm_addr);
2082 sptseg_addr = sptseg->s_base + ptob(anon_index);
2083
2084 /*
2085 * And now we may have to adjust npages downward if we have
2086 * exceeded the realsize of the segment or initial anon
2087 * allocations.
2088 */
2089 if ((sptseg_addr + ptob(npages)) >
2090 (sptseg->s_base + sptd->spt_realsize))
2091 size = (sptseg->s_base + sptd->spt_realsize) - sptseg_addr;
2092
2093 npages = btopr(size);
2094
2095 ASSERT(sptseg_addr < (sptseg->s_base + sptseg->s_size));
2096 ASSERT((sptd->spt_flags & SHM_PAGEABLE) == 0);
2097
2098 switch (type) {
2099
2100 case F_SOFTLOCK:
2101
2102 /*
2103 * availrmem is decremented once during anon_swap_adjust()
2104 * and is incremented during the anon_unresv(), which is
2105 * called from shm_rm_amp() when the segment is destroyed.
2106 */
2107 atomic_add_long((ulong_t *)(&(shmd->shm_softlockcnt)), npages);
2108 /*
2109 * Some platforms assume that ISM pages are SE_SHARED
2110 * locked for the entire life of the segment.
2111 */
2112 if (!hat_supported(HAT_DYNAMIC_ISM_UNMAP, (void *)0))
2113 return (0);
2114 /*
2115 * Fall through to the F_INVAL case to load up the hat layer
2116 * entries with the HAT_LOAD_LOCK flag.
2117 */
2118
2119 /* FALLTHRU */
2120 case F_INVAL:
2121
2122 if ((rw == S_EXEC) && !(sptd->spt_prot & PROT_EXEC))
2123 return (FC_NOMAP);
2124
2125 /*
2126 * Some platforms that do NOT support DYNAMIC_ISM_UNMAP
2127 * may still rely on this call to hat_share(). That
2128 * would imply that those hat's can fault on a
2129 * HAT_LOAD_LOCK translation, which would seem
2130 * contradictory.
2131 */
2132 if (!hat_supported(HAT_DYNAMIC_ISM_UNMAP, (void *)0)) {
2133 if (hat_share(seg->s_as->a_hat, seg->s_base,
2134 curspt->a_hat, sptseg->s_base,
2135 sptseg->s_size, sptseg->s_szc) != 0) {
2136 panic("hat_share error in ISM fault");
2137 /*NOTREACHED*/
2138 }
2139 return (0);
2140 }
2141 ppa = kmem_zalloc(sizeof (page_t *) * npages, KM_SLEEP);
2142
2143 /*
2144 * I see no need to lock the real seg,
2145 * here, because all of our work will be on the underlying
2146 * dummy seg.
2147 *
2148 * sptseg_addr and npages now account for large pages.
2149 */
2150 amp = sptd->spt_amp;
2151 ASSERT(amp != NULL);
2152 anon_index = seg_page(sptseg, sptseg_addr);
2153
2154 ANON_LOCK_ENTER(&->a_rwlock, RW_READER);
2155 for (i = 0; i < npages; i++) {
2156 ap = anon_get_ptr(amp->ahp, anon_index++);
2157 ASSERT(ap != NULL);
2158 swap_xlate(ap, &vp, &offset);
2159 pp = page_lookup(vp, offset, SE_SHARED);
2160 ASSERT(pp != NULL);
2161 ppa[i] = pp;
2162 }
2163 ANON_LOCK_EXIT(&->a_rwlock);
2164 ASSERT(i == npages);
2165
2166 /*
2167 * We are already holding the as->a_lock on the user's
2168 * real segment, but we need to hold the a_lock on the
2169 * underlying dummy as. This is mostly to satisfy the
2170 * underlying HAT layer.
2171 */
2172 AS_LOCK_ENTER(sptseg->s_as, &sptseg->s_as->a_lock, RW_READER);
2173 a = sptseg_addr;
2174 pidx = 0;
2175 if (type == F_SOFTLOCK) {
2176 /*
2177 * Load up the translation keeping it
2178 * locked and don't unlock the page.
2179 */
2180 for (; pidx < npages; a += pgsz, pidx += pgcnt) {
2181 sz = MIN(pgsz, ptob(npages - pidx));
2182 hat_memload_array(sptseg->s_as->a_hat, a,
2183 sz, &ppa[pidx], sptd->spt_prot,
2184 HAT_LOAD_LOCK | HAT_LOAD_SHARE);
2185 }
2186 } else {
2187 if (hat == seg->s_as->a_hat) {
2188
2189 /*
2190 * Migrate pages marked for migration.
2191 */
2192 if (lgrp_optimizations())
2193 page_migrate(seg, shm_addr, ppa,
2194 npages);
2195
2196 /* CPU HAT */
2197 for (; pidx < npages;
2198 a += pgsz, pidx += pgcnt) {
2199 sz = MIN(pgsz, ptob(npages - pidx));
2200 hat_memload_array(sptseg->s_as->a_hat,
2201 a, sz, &ppa[pidx],
2202 sptd->spt_prot, HAT_LOAD_SHARE);
2203 }
2204 } else {
2205 /* XHAT. Pass real address */
2206 hat_memload_array(hat, shm_addr,
2207 ptob(npages), ppa, sptd->spt_prot,
2208 HAT_LOAD_SHARE);
2209 }
2210
2211 /*
2212 * And now drop the SE_SHARED lock(s).
2213 */
2214 for (i = 0; i < npages; i++)
2215 page_unlock(ppa[i]);
2216 }
2217 AS_LOCK_EXIT(sptseg->s_as, &sptseg->s_as->a_lock);
2218
2219 kmem_free(ppa, sizeof (page_t *) * npages);
2220 return (0);
2221 case F_SOFTUNLOCK:
2222
2223 /*
2224 * This is a bit ugly, we pass in the real seg pointer,
2225 * but the sptseg_addr is the virtual address within the
2226 * dummy seg.
2227 */
2228 segspt_softunlock(seg, sptseg_addr, ptob(npages), rw);
2229 return (0);
2230
2231 case F_PROT:
2232
2233 /*
2234 * This takes care of the unusual case where a user
2235 * allocates a stack in shared memory and a register
2236 * window overflow is written to that stack page before
2237 * it is otherwise modified.
2238 *
2239 * We can get away with this because ISM segments are
2240 * always rw. Other than this unusual case, there
2241 * should be no instances of protection violations.
2242 */
2243 return (0);
2244
2245 default:
2246 #ifdef DEBUG
2247 cmn_err(CE_WARN, "segspt_shmfault default type?");
2248 #endif
2249 return (FC_NOMAP);
2250 }
2251 }
2252
2253 /*ARGSUSED*/
2254 static faultcode_t
2255 segspt_shmfaulta(struct seg *seg, caddr_t addr)
2256 {
2257 return (0);
2258 }
2259
2260 /*ARGSUSED*/
2261 static int
2262 segspt_shmkluster(struct seg *seg, caddr_t addr, ssize_t delta)
2263 {
2264 return (0);
2265 }
2266
2267 /*ARGSUSED*/
2268 static size_t
2269 segspt_shmswapout(struct seg *seg)
2270 {
2271 return (0);
2272 }
2273
2274 /*
2275 * duplicate the shared page tables
2276 */
2277 int
2278 segspt_shmdup(struct seg *seg, struct seg *newseg)
2279 {
2280 struct shm_data *shmd = (struct shm_data *)seg->s_data;
2281 struct anon_map *amp = shmd->shm_amp;
2282 struct shm_data *shmd_new;
2283 struct seg *spt_seg = shmd->shm_sptseg;
2284 struct spt_data *sptd = spt_seg->s_data;
2285 int error = 0;
2286
2287 ASSERT(seg->s_as && AS_WRITE_HELD(seg->s_as, &seg->s_as->a_lock));
2288
2289 shmd_new = kmem_zalloc((sizeof (*shmd_new)), KM_SLEEP);
2290 newseg->s_data = (void *)shmd_new;
2291 shmd_new->shm_sptas = shmd->shm_sptas;
2292 shmd_new->shm_amp = amp;
2293 shmd_new->shm_sptseg = shmd->shm_sptseg;
2294 newseg->s_ops = &segspt_shmops;
2295 newseg->s_szc = seg->s_szc;
2296 ASSERT(seg->s_szc == shmd->shm_sptseg->s_szc);
2297
2298 ANON_LOCK_ENTER(&->a_rwlock, RW_WRITER);
2299 amp->refcnt++;
2300 ANON_LOCK_EXIT(&->a_rwlock);
2301
2302 if (sptd->spt_flags & SHM_PAGEABLE) {
2303 shmd_new->shm_vpage = kmem_zalloc(btopr(amp->size), KM_SLEEP);
2304 shmd_new->shm_lckpgs = 0;
2305 if (hat_supported(HAT_DYNAMIC_ISM_UNMAP, (void *)0)) {
2306 if ((error = hat_share(newseg->s_as->a_hat,
2307 newseg->s_base, shmd->shm_sptas->a_hat, SEGSPTADDR,
2308 seg->s_size, seg->s_szc)) != 0) {
2309 kmem_free(shmd_new->shm_vpage,
2310 btopr(amp->size));
2311 }
2312 }
2313 return (error);
2314 } else {
2315 return (hat_share(newseg->s_as->a_hat, newseg->s_base,
2316 shmd->shm_sptas->a_hat, SEGSPTADDR, seg->s_size,
2317 seg->s_szc));
2318
2319 }
2320 }
2321
2322 /*ARGSUSED*/
2323 int
2324 segspt_shmcheckprot(struct seg *seg, caddr_t addr, size_t size, uint_t prot)
2325 {
2326 struct shm_data *shmd = (struct shm_data *)seg->s_data;
2327 struct spt_data *sptd = (struct spt_data *)shmd->shm_sptseg->s_data;
2328
2329 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as, &seg->s_as->a_lock));
2330
2331 /*
2332 * ISM segment is always rw.
2333 */
2334 return (((sptd->spt_prot & prot) != prot) ? EACCES : 0);
2335 }
2336
2337 /*
2338 * Return an array of locked large pages, for empty slots allocate
2339 * private zero-filled anon pages.
2340 */
2341 static int
2342 spt_anon_getpages(
2343 struct seg *sptseg,
2344 caddr_t sptaddr,
2345 size_t len,
2346 page_t *ppa[])
2347 {
2348 struct spt_data *sptd = sptseg->s_data;
2349 struct anon_map *amp = sptd->spt_amp;
2350 enum seg_rw rw = sptd->spt_prot;
2351 uint_t szc = sptseg->s_szc;
2352 size_t pg_sz, share_sz = page_get_pagesize(szc);
2353 pgcnt_t lp_npgs;
2354 caddr_t lp_addr, e_sptaddr;
2355 uint_t vpprot, ppa_szc = 0;
2356 struct vpage *vpage = NULL;
2357 ulong_t j, ppa_idx;
2358 int err, ierr = 0;
2359 pgcnt_t an_idx;
2360 anon_sync_obj_t cookie;
2361 int anon_locked = 0;
2362 pgcnt_t amp_pgs;
2363
2364
2365 ASSERT(IS_P2ALIGNED(sptaddr, share_sz) && IS_P2ALIGNED(len, share_sz));
2366 ASSERT(len != 0);
2367
2368 pg_sz = share_sz;
2369 lp_npgs = btop(pg_sz);
2370 lp_addr = sptaddr;
2371 e_sptaddr = sptaddr + len;
2372 an_idx = seg_page(sptseg, sptaddr);
2373 ppa_idx = 0;
2374
2375 ANON_LOCK_ENTER(&->a_rwlock, RW_READER);
2376
2377 amp_pgs = page_get_pagecnt(amp->a_szc);
2378
2379 /*CONSTCOND*/
2380 while (1) {
2381 for (; lp_addr < e_sptaddr;
2382 an_idx += lp_npgs, lp_addr += pg_sz, ppa_idx += lp_npgs) {
2383
2384 /*
2385 * If we're currently locked, and we get to a new
2386 * page, unlock our current anon chunk.
2387 */
2388 if (anon_locked && P2PHASE(an_idx, amp_pgs) == 0) {
2389 anon_array_exit(&cookie);
2390 anon_locked = 0;
2391 }
2392 if (!anon_locked) {
2393 anon_array_enter(amp, an_idx, &cookie);
2394 anon_locked = 1;
2395 }
2396 ppa_szc = (uint_t)-1;
2397 ierr = anon_map_getpages(amp, an_idx, szc, sptseg,
2398 lp_addr, sptd->spt_prot, &vpprot, &ppa[ppa_idx],
2399 &ppa_szc, vpage, rw, 0, segvn_anypgsz, 0, kcred);
2400
2401 if (ierr != 0) {
2402 if (ierr > 0) {
2403 err = FC_MAKE_ERR(ierr);
2404 goto lpgs_err;
2405 }
2406 break;
2407 }
2408 }
2409 if (lp_addr == e_sptaddr) {
2410 break;
2411 }
2412 ASSERT(lp_addr < e_sptaddr);
2413
2414 /*
2415 * ierr == -1 means we failed to allocate a large page.
2416 * so do a size down operation.
2417 *
2418 * ierr == -2 means some other process that privately shares
2419 * pages with this process has allocated a larger page and we
2420 * need to retry with larger pages. So do a size up
2421 * operation. This relies on the fact that large pages are
2422 * never partially shared i.e. if we share any constituent
2423 * page of a large page with another process we must share the
2424 * entire large page. Note this cannot happen for SOFTLOCK
2425 * case, unless current address (lpaddr) is at the beginning
2426 * of the next page size boundary because the other process
2427 * couldn't have relocated locked pages.
2428 */
2429 ASSERT(ierr == -1 || ierr == -2);
2430 if (segvn_anypgsz) {
2431 ASSERT(ierr == -2 || szc != 0);
2432 ASSERT(ierr == -1 || szc < sptseg->s_szc);
2433 szc = (ierr == -1) ? szc - 1 : szc + 1;
2434 } else {
2435 /*
2436 * For faults and segvn_anypgsz == 0
2437 * we need to be careful not to loop forever
2438 * if existing page is found with szc other
2439 * than 0 or seg->s_szc. This could be due
2440 * to page relocations on behalf of DR or
2441 * more likely large page creation. For this
2442 * case simply re-size to existing page's szc
2443 * if returned by anon_map_getpages().
2444 */
2445 if (ppa_szc == (uint_t)-1) {
2446 szc = (ierr == -1) ? 0 : sptseg->s_szc;
2447 } else {
2448 ASSERT(ppa_szc <= sptseg->s_szc);
2449 ASSERT(ierr == -2 || ppa_szc < szc);
2450 ASSERT(ierr == -1 || ppa_szc > szc);
2451 szc = ppa_szc;
2452 }
2453 }
2454 pg_sz = page_get_pagesize(szc);
2455 lp_npgs = btop(pg_sz);
2456 ASSERT(IS_P2ALIGNED(lp_addr, pg_sz));
2457 }
2458 if (anon_locked) {
2459 anon_array_exit(&cookie);
2460 }
2461 ANON_LOCK_EXIT(&->a_rwlock);
2462 return (0);
2463
2464 lpgs_err:
2465 if (anon_locked) {
2466 anon_array_exit(&cookie);
2467 }
2468 ANON_LOCK_EXIT(&->a_rwlock);
2469 for (j = 0; j < ppa_idx; j++)
2470 page_unlock(ppa[j]);
2471 return (err);
2472 }
2473
2474 /*
2475 * count the number of bytes in a set of spt pages that are currently not
2476 * locked
2477 */
2478 static rctl_qty_t
2479 spt_unlockedbytes(pgcnt_t npages, page_t **ppa)
2480 {
2481 ulong_t i;
2482 rctl_qty_t unlocked = 0;
2483
2484 for (i = 0; i < npages; i++) {
2485 if (ppa[i]->p_lckcnt == 0)
2486 unlocked += PAGESIZE;
2487 }
2488 return (unlocked);
2489 }
2490
2491 extern u_longlong_t randtick(void);
2492 /* number of locks to reserve/skip by spt_lockpages() and spt_unlockpages() */
2493 #define NLCK (NCPU_P2)
2494 /* Random number with a range [0, n-1], n must be power of two */
2495 #define RAND_P2(n) \
2496 ((((long)curthread >> PTR24_LSB) ^ (long)randtick()) & ((n) - 1))
2497
2498 int
2499 spt_lockpages(struct seg *seg, pgcnt_t anon_index, pgcnt_t npages,
2500 page_t **ppa, ulong_t *lockmap, size_t pos,
2501 rctl_qty_t *locked)
2502 {
2503 struct shm_data *shmd = seg->s_data;
2504 struct spt_data *sptd = shmd->shm_sptseg->s_data;
2505 ulong_t i;
2506 int kernel;
2507 pgcnt_t nlck = 0;
2508 int rv = 0;
2509 int use_reserved = 1;
2510
2511 /* return the number of bytes actually locked */
2512 *locked = 0;
2513
2514 /*
2515 * To avoid contention on freemem_lock, availrmem and pages_locked
2516 * global counters are updated only every nlck locked pages instead of
2517 * every time. Reserve nlck locks up front and deduct from this
2518 * reservation for each page that requires a lock. When the reservation
2519 * is consumed, reserve again. nlck is randomized, so the competing
2520 * threads do not fall into a cyclic lock contention pattern. When
2521 * memory is low, the lock ahead is disabled, and instead page_pp_lock()
2522 * is used to lock pages.
2523 */
2524 for (i = 0; i < npages; anon_index++, pos++, i++) {
2525 if (nlck == 0 && use_reserved == 1) {
2526 nlck = NLCK + RAND_P2(NLCK);
2527 /* if fewer loops left, decrease nlck */
2528 nlck = MIN(nlck, npages - i);
2529 /*
2530 * Reserve nlck locks up front and deduct from this
2531 * reservation for each page that requires a lock. When
2532 * the reservation is consumed, reserve again.
2533 */
2534 mutex_enter(&freemem_lock);
2535 if ((availrmem - nlck) < pages_pp_maximum) {
2536 /* Do not do advance memory reserves */
2537 use_reserved = 0;
2538 } else {
2539 availrmem -= nlck;
2540 pages_locked += nlck;
2541 }
2542 mutex_exit(&freemem_lock);
2543 }
2544 if (!(shmd->shm_vpage[anon_index] & DISM_PG_LOCKED)) {
2545 if (sptd->spt_ppa_lckcnt[anon_index] <
2546 (ushort_t)DISM_LOCK_MAX) {
2547 if (++sptd->spt_ppa_lckcnt[anon_index] ==
2548 (ushort_t)DISM_LOCK_MAX) {
2549 cmn_err(CE_WARN,
2550 "DISM page lock limit "
2551 "reached on DISM offset 0x%lx\n",
2552 anon_index << PAGESHIFT);
2553 }
2554 kernel = (sptd->spt_ppa &&
2555 sptd->spt_ppa[anon_index]);
2556 if (!page_pp_lock(ppa[i], 0, kernel ||
2557 use_reserved)) {
2558 sptd->spt_ppa_lckcnt[anon_index]--;
2559 rv = EAGAIN;
2560 break;
2561 }
2562 /* if this is a newly locked page, count it */
2563 if (ppa[i]->p_lckcnt == 1) {
2564 if (kernel == 0 && use_reserved == 1)
2565 nlck--;
2566 *locked += PAGESIZE;
2567 }
2568 shmd->shm_lckpgs++;
2569 shmd->shm_vpage[anon_index] |= DISM_PG_LOCKED;
2570 if (lockmap != NULL)
2571 BT_SET(lockmap, pos);
2572 }
2573 }
2574 }
2575 /* Return unused lock reservation */
2576 if (nlck != 0 && use_reserved == 1) {
2577 mutex_enter(&freemem_lock);
2578 availrmem += nlck;
2579 pages_locked -= nlck;
2580 mutex_exit(&freemem_lock);
2581 }
2582
2583 return (rv);
2584 }
2585
2586 int
2587 spt_unlockpages(struct seg *seg, pgcnt_t anon_index, pgcnt_t npages,
2588 rctl_qty_t *unlocked)
2589 {
2590 struct shm_data *shmd = seg->s_data;
2591 struct spt_data *sptd = shmd->shm_sptseg->s_data;
2592 struct anon_map *amp = sptd->spt_amp;
2593 struct anon *ap;
2594 struct vnode *vp;
2595 u_offset_t off;
2596 struct page *pp;
2597 int kernel;
2598 anon_sync_obj_t cookie;
2599 ulong_t i;
2600 pgcnt_t nlck = 0;
2601 pgcnt_t nlck_limit = NLCK;
2602
2603 ANON_LOCK_ENTER(&->a_rwlock, RW_READER);
2604 for (i = 0; i < npages; i++, anon_index++) {
2605 if (shmd->shm_vpage[anon_index] & DISM_PG_LOCKED) {
2606 anon_array_enter(amp, anon_index, &cookie);
2607 ap = anon_get_ptr(amp->ahp, anon_index);
2608 ASSERT(ap);
2609
2610 swap_xlate(ap, &vp, &off);
2611 anon_array_exit(&cookie);
2612 pp = page_lookup(vp, off, SE_SHARED);
2613 ASSERT(pp);
2614 /*
2615 * availrmem is decremented only for pages which are not
2616 * in seg pcache, for pages in seg pcache availrmem was
2617 * decremented in _dismpagelock()
2618 */
2619 kernel = (sptd->spt_ppa && sptd->spt_ppa[anon_index]);
2620 ASSERT(pp->p_lckcnt > 0);
2621
2622 /*
2623 * lock page but do not change availrmem, we do it
2624 * ourselves every nlck loops.
2625 */
2626 page_pp_unlock(pp, 0, 1);
2627 if (pp->p_lckcnt == 0) {
2628 if (kernel == 0)
2629 nlck++;
2630 *unlocked += PAGESIZE;
2631 }
2632 page_unlock(pp);
2633 shmd->shm_vpage[anon_index] &= ~DISM_PG_LOCKED;
2634 sptd->spt_ppa_lckcnt[anon_index]--;
2635 shmd->shm_lckpgs--;
2636 }
2637
2638 /*
2639 * To reduce freemem_lock contention, do not update availrmem
2640 * until at least NLCK pages have been unlocked.
2641 * 1. No need to update if nlck is zero
2642 * 2. Always update if the last iteration
2643 */
2644 if (nlck > 0 && (nlck == nlck_limit || i == npages - 1)) {
2645 mutex_enter(&freemem_lock);
2646 availrmem += nlck;
2647 pages_locked -= nlck;
2648 mutex_exit(&freemem_lock);
2649 nlck = 0;
2650 nlck_limit = NLCK + RAND_P2(NLCK);
2651 }
2652 }
2653 ANON_LOCK_EXIT(&->a_rwlock);
2654
2655 return (0);
2656 }
2657
2658 /*ARGSUSED*/
2659 static int
2660 segspt_shmlockop(struct seg *seg, caddr_t addr, size_t len,
2661 int attr, int op, ulong_t *lockmap, size_t pos)
2662 {
2663 struct shm_data *shmd = seg->s_data;
2664 struct seg *sptseg = shmd->shm_sptseg;
2665 struct spt_data *sptd = sptseg->s_data;
2666 struct kshmid *sp = sptd->spt_amp->a_sp;
2667 pgcnt_t npages, a_npages;
2668 page_t **ppa;
2669 pgcnt_t an_idx, a_an_idx, ppa_idx;
2670 caddr_t spt_addr, a_addr; /* spt and aligned address */
2671 size_t a_len; /* aligned len */
2672 size_t share_sz;
2673 ulong_t i;
2674 int sts = 0;
2675 rctl_qty_t unlocked = 0;
2676 rctl_qty_t locked = 0;
2677 struct proc *p = curproc;
2678 kproject_t *proj;
2679
2680 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as, &seg->s_as->a_lock));
2681 ASSERT(sp != NULL);
2682
2683 if ((sptd->spt_flags & SHM_PAGEABLE) == 0) {
2684 return (0);
2685 }
2686
2687 addr = (caddr_t)((uintptr_t)addr & (uintptr_t)PAGEMASK);
2688 an_idx = seg_page(seg, addr);
2689 npages = btopr(len);
2690
2691 if (an_idx + npages > btopr(shmd->shm_amp->size)) {
2692 return (ENOMEM);
2693 }
2694
2695 /*
2696 * A shm's project never changes, so no lock needed.
2697 * The shm has a hold on the project, so it will not go away.
2698 * Since we have a mapping to shm within this zone, we know
2699 * that the zone will not go away.
2700 */
2701 proj = sp->shm_perm.ipc_proj;
2702
2703 if (op == MC_LOCK) {
2704
2705 /*
2706 * Need to align addr and size request if they are not
2707 * aligned so we can always allocate large page(s) however
2708 * we only lock what was requested in initial request.
2709 */
2710 share_sz = page_get_pagesize(sptseg->s_szc);
2711 a_addr = (caddr_t)P2ALIGN((uintptr_t)(addr), share_sz);
2712 a_len = P2ROUNDUP((uintptr_t)(((addr + len) - a_addr)),
2713 share_sz);
2714 a_npages = btop(a_len);
2715 a_an_idx = seg_page(seg, a_addr);
2716 spt_addr = sptseg->s_base + ptob(a_an_idx);
2717 ppa_idx = an_idx - a_an_idx;
2718
2719 if ((ppa = kmem_zalloc(((sizeof (page_t *)) * a_npages),
2720 KM_NOSLEEP)) == NULL) {
2721 return (ENOMEM);
2722 }
2723
2724 /*
2725 * Don't cache any new pages for IO and
2726 * flush any cached pages.
2727 */
2728 mutex_enter(&sptd->spt_lock);
2729 if (sptd->spt_ppa != NULL)
2730 sptd->spt_flags |= DISM_PPA_CHANGED;
2731
2732 sts = spt_anon_getpages(sptseg, spt_addr, a_len, ppa);
2733 if (sts != 0) {
2734 mutex_exit(&sptd->spt_lock);
2735 kmem_free(ppa, ((sizeof (page_t *)) * a_npages));
2736 return (sts);
2737 }
2738
2739 mutex_enter(&sp->shm_mlock);
2740 /* enforce locked memory rctl */
2741 unlocked = spt_unlockedbytes(npages, &ppa[ppa_idx]);
2742
2743 mutex_enter(&p->p_lock);
2744 if (rctl_incr_locked_mem(p, proj, unlocked, 0)) {
2745 mutex_exit(&p->p_lock);
2746 sts = EAGAIN;
2747 } else {
2748 mutex_exit(&p->p_lock);
2749 sts = spt_lockpages(seg, an_idx, npages,
2750 &ppa[ppa_idx], lockmap, pos, &locked);
2751
2752 /*
2753 * correct locked count if not all pages could be
2754 * locked
2755 */
2756 if ((unlocked - locked) > 0) {
2757 rctl_decr_locked_mem(NULL, proj,
2758 (unlocked - locked), 0);
2759 }
2760 }
2761 /*
2762 * unlock pages
2763 */
2764 for (i = 0; i < a_npages; i++)
2765 page_unlock(ppa[i]);
2766 if (sptd->spt_ppa != NULL)
2767 sptd->spt_flags |= DISM_PPA_CHANGED;
2768 mutex_exit(&sp->shm_mlock);
2769 mutex_exit(&sptd->spt_lock);
2770
2771 kmem_free(ppa, ((sizeof (page_t *)) * a_npages));
2772
2773 } else if (op == MC_UNLOCK) { /* unlock */
2774 page_t **ppa;
2775
2776 mutex_enter(&sptd->spt_lock);
2777 if (shmd->shm_lckpgs == 0) {
2778 mutex_exit(&sptd->spt_lock);
2779 return (0);
2780 }
2781 /*
2782 * Don't cache new IO pages.
2783 */
2784 if (sptd->spt_ppa != NULL)
2785 sptd->spt_flags |= DISM_PPA_CHANGED;
2786
2787 mutex_enter(&sp->shm_mlock);
2788 sts = spt_unlockpages(seg, an_idx, npages, &unlocked);
2789 if ((ppa = sptd->spt_ppa) != NULL)
2790 sptd->spt_flags |= DISM_PPA_CHANGED;
2791 mutex_exit(&sptd->spt_lock);
2792
2793 rctl_decr_locked_mem(NULL, proj, unlocked, 0);
2794 mutex_exit(&sp->shm_mlock);
2795
2796 if (ppa != NULL)
2797 seg_ppurge_wiredpp(ppa);
2798 }
2799 return (sts);
2800 }
2801
2802 /*ARGSUSED*/
2803 int
2804 segspt_shmgetprot(struct seg *seg, caddr_t addr, size_t len, uint_t *protv)
2805 {
2806 struct shm_data *shmd = (struct shm_data *)seg->s_data;
2807 struct spt_data *sptd = (struct spt_data *)shmd->shm_sptseg->s_data;
2808 spgcnt_t pgno = seg_page(seg, addr+len) - seg_page(seg, addr) + 1;
2809
2810 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as, &seg->s_as->a_lock));
2811
2812 /*
2813 * ISM segment is always rw.
2814 */
2815 while (--pgno >= 0)
2816 *protv++ = sptd->spt_prot;
2817 return (0);
2818 }
2819
2820 /*ARGSUSED*/
2821 u_offset_t
2822 segspt_shmgetoffset(struct seg *seg, caddr_t addr)
2823 {
2824 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as, &seg->s_as->a_lock));
2825
2826 /* Offset does not matter in ISM memory */
2827
2828 return ((u_offset_t)0);
2829 }
2830
2831 /* ARGSUSED */
2832 int
2833 segspt_shmgettype(struct seg *seg, caddr_t addr)
2834 {
2835 struct shm_data *shmd = (struct shm_data *)seg->s_data;
2836 struct spt_data *sptd = (struct spt_data *)shmd->shm_sptseg->s_data;
2837
2838 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as, &seg->s_as->a_lock));
2839
2840 /*
2841 * The shared memory mapping is always MAP_SHARED, SWAP is only
2842 * reserved for DISM
2843 */
2844 return (MAP_SHARED |
2845 ((sptd->spt_flags & SHM_PAGEABLE) ? 0 : MAP_NORESERVE));
2846 }
2847
2848 /*ARGSUSED*/
2849 int
2850 segspt_shmgetvp(struct seg *seg, caddr_t addr, struct vnode **vpp)
2851 {
2852 struct shm_data *shmd = (struct shm_data *)seg->s_data;
2853 struct spt_data *sptd = (struct spt_data *)shmd->shm_sptseg->s_data;
2854
2855 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as, &seg->s_as->a_lock));
2856
2857 *vpp = sptd->spt_vp;
2858 return (0);
2859 }
2860
2861 /*
2862 * We need to wait for pending IO to complete to a DISM segment in order for
2863 * pages to get kicked out of the seg_pcache. 120 seconds should be more
2864 * than enough time to wait.
2865 */
2866 static clock_t spt_pcache_wait = 120;
2867
2868 /*ARGSUSED*/
2869 static int
2870 segspt_shmadvise(struct seg *seg, caddr_t addr, size_t len, uint_t behav)
2871 {
2872 struct shm_data *shmd = (struct shm_data *)seg->s_data;
2873 struct spt_data *sptd = (struct spt_data *)shmd->shm_sptseg->s_data;
2874 struct anon_map *amp;
2875 pgcnt_t pg_idx;
2876 ushort_t gen;
2877 clock_t end_lbolt;
2878 int writer;
2879 page_t **ppa;
2880
2881 ASSERT(seg->s_as && AS_LOCK_HELD(seg->s_as, &seg->s_as->a_lock));
2882
2883 if (behav == MADV_FREE) {
2884 if ((sptd->spt_flags & SHM_PAGEABLE) == 0)
2885 return (0);
2886
2887 amp = sptd->spt_amp;
2888 pg_idx = seg_page(seg, addr);
2889
2890 mutex_enter(&sptd->spt_lock);
2891 if ((ppa = sptd->spt_ppa) == NULL) {
2892 mutex_exit(&sptd->spt_lock);
2893 ANON_LOCK_ENTER(&->a_rwlock, RW_READER);
2894 anon_disclaim(amp, pg_idx, len);
2895 ANON_LOCK_EXIT(&->a_rwlock);
2896 return (0);
2897 }
2898
2899 sptd->spt_flags |= DISM_PPA_CHANGED;
2900 gen = sptd->spt_gen;
2901
2902 mutex_exit(&sptd->spt_lock);
2903
2904 /*
2905 * Purge all DISM cached pages
2906 */
2907 seg_ppurge_wiredpp(ppa);
2908
2909 /*
2910 * Drop the AS_LOCK so that other threads can grab it
2911 * in the as_pageunlock path and hopefully get the segment
2912 * kicked out of the seg_pcache. We bump the shm_softlockcnt
2913 * to keep this segment resident.
2914 */
2915 writer = AS_WRITE_HELD(seg->s_as, &seg->s_as->a_lock);
2916 atomic_inc_ulong((ulong_t *)(&(shmd->shm_softlockcnt)));
2917 AS_LOCK_EXIT(seg->s_as, &seg->s_as->a_lock);
2918
2919 mutex_enter(&sptd->spt_lock);
2920
2921 end_lbolt = ddi_get_lbolt() + (hz * spt_pcache_wait);
2922
2923 /*
2924 * Try to wait for pages to get kicked out of the seg_pcache.
2925 */
2926 while (sptd->spt_gen == gen &&
2927 (sptd->spt_flags & DISM_PPA_CHANGED) &&
2928 ddi_get_lbolt() < end_lbolt) {
2929 if (!cv_timedwait_sig(&sptd->spt_cv,
2930 &sptd->spt_lock, end_lbolt)) {
2931 break;
2932 }
2933 }
2934
2935 mutex_exit(&sptd->spt_lock);
2936
2937 /* Regrab the AS_LOCK and release our hold on the segment */
2938 AS_LOCK_ENTER(seg->s_as, &seg->s_as->a_lock,
2939 writer ? RW_WRITER : RW_READER);
2940 atomic_dec_ulong((ulong_t *)(&(shmd->shm_softlockcnt)));
2941 if (shmd->shm_softlockcnt <= 0) {
2942 if (AS_ISUNMAPWAIT(seg->s_as)) {
2943 mutex_enter(&seg->s_as->a_contents);
2944 if (AS_ISUNMAPWAIT(seg->s_as)) {
2945 AS_CLRUNMAPWAIT(seg->s_as);
2946 cv_broadcast(&seg->s_as->a_cv);
2947 }
2948 mutex_exit(&seg->s_as->a_contents);
2949 }
2950 }
2951
2952 ANON_LOCK_ENTER(&->a_rwlock, RW_READER);
2953 anon_disclaim(amp, pg_idx, len);
2954 ANON_LOCK_EXIT(&->a_rwlock);
2955 } else if (lgrp_optimizations() && (behav == MADV_ACCESS_LWP ||
2956 behav == MADV_ACCESS_MANY || behav == MADV_ACCESS_DEFAULT)) {
2957 int already_set;
2958 ulong_t anon_index;
2959 lgrp_mem_policy_t policy;
2960 caddr_t shm_addr;
2961 size_t share_size;
2962 size_t size;
2963 struct seg *sptseg = shmd->shm_sptseg;
2964 caddr_t sptseg_addr;
2965
2966 /*
2967 * Align address and length to page size of underlying segment
2968 */
2969 share_size = page_get_pagesize(shmd->shm_sptseg->s_szc);
2970 shm_addr = (caddr_t)P2ALIGN((uintptr_t)(addr), share_size);
2971 size = P2ROUNDUP((uintptr_t)(((addr + len) - shm_addr)),
2972 share_size);
2973
2974 amp = shmd->shm_amp;
2975 anon_index = seg_page(seg, shm_addr);
2976
2977 /*
2978 * And now we may have to adjust size downward if we have
2979 * exceeded the realsize of the segment or initial anon
2980 * allocations.
2981 */
2982 sptseg_addr = sptseg->s_base + ptob(anon_index);
2983 if ((sptseg_addr + size) >
2984 (sptseg->s_base + sptd->spt_realsize))
2985 size = (sptseg->s_base + sptd->spt_realsize) -
2986 sptseg_addr;
2987
2988 /*
2989 * Set memory allocation policy for this segment
2990 */
2991 policy = lgrp_madv_to_policy(behav, len, MAP_SHARED);
2992 already_set = lgrp_shm_policy_set(policy, amp, anon_index,
2993 NULL, 0, len);
2994
2995 /*
2996 * If random memory allocation policy set already,
2997 * don't bother reapplying it.
2998 */
2999 if (already_set && !LGRP_MEM_POLICY_REAPPLICABLE(policy))
3000 return (0);
3001
3002 /*
3003 * Mark any existing pages in the given range for
3004 * migration, flushing the I/O page cache, and using
3005 * underlying segment to calculate anon index and get
3006 * anonmap and vnode pointer from
3007 */
3008 if (shmd->shm_softlockcnt > 0)
3009 segspt_purge(seg);
3010
3011 page_mark_migrate(seg, shm_addr, size, amp, 0, NULL, 0, 0);
3012 }
3013
3014 return (0);
3015 }
3016
3017 /*ARGSUSED*/
3018 void
3019 segspt_shmdump(struct seg *seg)
3020 {
3021 /* no-op for ISM segment */
3022 }
3023
3024 /*ARGSUSED*/
3025 static faultcode_t
3026 segspt_shmsetpgsz(struct seg *seg, caddr_t addr, size_t len, uint_t szc)
3027 {
3028 return (ENOTSUP);
3029 }
3030
3031 /*
3032 * get a memory ID for an addr in a given segment
3033 */
3034 static int
3035 segspt_shmgetmemid(struct seg *seg, caddr_t addr, memid_t *memidp)
3036 {
3037 struct shm_data *shmd = (struct shm_data *)seg->s_data;
3038 struct anon *ap;
3039 size_t anon_index;
3040 struct anon_map *amp = shmd->shm_amp;
3041 struct spt_data *sptd = shmd->shm_sptseg->s_data;
3042 struct seg *sptseg = shmd->shm_sptseg;
3043 anon_sync_obj_t cookie;
3044
3045 anon_index = seg_page(seg, addr);
3046
3047 if (addr > (seg->s_base + sptd->spt_realsize)) {
3048 return (EFAULT);
3049 }
3050
3051 ANON_LOCK_ENTER(&->a_rwlock, RW_READER);
3052 anon_array_enter(amp, anon_index, &cookie);
3053 ap = anon_get_ptr(amp->ahp, anon_index);
3054 if (ap == NULL) {
3055 struct page *pp;
3056 caddr_t spt_addr = sptseg->s_base + ptob(anon_index);
3057
3058 pp = anon_zero(sptseg, spt_addr, &ap, kcred);
3059 if (pp == NULL) {
3060 anon_array_exit(&cookie);
3061 ANON_LOCK_EXIT(&->a_rwlock);
3062 return (ENOMEM);
3063 }
3064 (void) anon_set_ptr(amp->ahp, anon_index, ap, ANON_SLEEP);
3065 page_unlock(pp);
3066 }
3067 anon_array_exit(&cookie);
3068 ANON_LOCK_EXIT(&->a_rwlock);
3069 memidp->val[0] = (uintptr_t)ap;
3070 memidp->val[1] = (uintptr_t)addr & PAGEOFFSET;
3071 return (0);
3072 }
3073
3074 /*
3075 * Get memory allocation policy info for specified address in given segment
3076 */
3077 static lgrp_mem_policy_info_t *
3078 segspt_shmgetpolicy(struct seg *seg, caddr_t addr)
3079 {
3080 struct anon_map *amp;
3081 ulong_t anon_index;
3082 lgrp_mem_policy_info_t *policy_info;
3083 struct shm_data *shm_data;
3084
3085 ASSERT(seg != NULL);
3086
3087 /*
3088 * Get anon_map from segshm
3089 *
3090 * Assume that no lock needs to be held on anon_map, since
3091 * it should be protected by its reference count which must be
3092 * nonzero for an existing segment
3093 * Need to grab readers lock on policy tree though
3094 */
3095 shm_data = (struct shm_data *)seg->s_data;
3096 if (shm_data == NULL)
3097 return (NULL);
3098 amp = shm_data->shm_amp;
3099 ASSERT(amp->refcnt != 0);
3100
3101 /*
3102 * Get policy info
3103 *
3104 * Assume starting anon index of 0
3105 */
3106 anon_index = seg_page(seg, addr);
3107 policy_info = lgrp_shm_policy_get(amp, anon_index, NULL, 0);
3108
3109 return (policy_info);
3110 }
3111
3112 /*ARGSUSED*/
3113 static int
3114 segspt_shmcapable(struct seg *seg, segcapability_t capability)
3115 {
3116 return (0);
3117 }
--- EOF ---