 @@ -1,1769 +1,1769 @@
-/*	$NetBSD: pmap.c,v 1.119 2011/04/14 16:00:21 yamt Exp $	*/
+/*	$NetBSD: pmap.c,v 1.120 2011/04/27 07:42:11 plunky Exp $	*/
 /*
  * Copyright (c) 2007 Manuel Bouyer.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
+ *
  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
  */
 /*
  * Copyright (c) 2006 Mathieu Ropert <mro@adviseo.fr>
+ *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
+ *
  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 /*
  * Copyright (c) 1997 Charles D. Cranor and Washington University.
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
+ *
  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 /*
  * Copyright 2001 (c) Wasabi Systems, Inc.
  * All rights reserved.
+ *
  * Written by Frank van der Linden for Wasabi Systems, Inc.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. All advertising materials mentioning features or use of this software
  *    must display the following acknowledgement:
  *      This product includes software developed for the NetBSD Project by
  *      Wasabi Systems, Inc.
  * 4. The name of Wasabi Systems, Inc. may not be used to endorse
  *    or promote products derived from this software without specific prior
  *    written permission.
+ *
  * THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL WASABI SYSTEMS, INC
  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  */
 /*
  * This is the i386 pmap modified and generalized to support x86-64
  * as well. The idea is to hide the upper N levels of the page tables
  * inside pmap_get_ptp, pmap_free_ptp and pmap_growkernel. The rest
  * is mostly untouched, except that it uses some more generalized
  * macros and interfaces.
+ *
  * This pmap has been tested on the i386 as well, and it can be easily
  * adapted to PAE.
+ *
  * fvdl@wasabisystems.com 18-Jun-2001
  */
 /*
  * pmap.c: i386 pmap module rewrite
  * Chuck Cranor <chuck@netbsd>
  * 11-Aug-97
+ *
  * history of this pmap module: in addition to my own input, i used
  *    the following references for this rewrite of the i386 pmap:
+ *
  * [1] the NetBSD i386 pmap.   this pmap appears to be based on the
  *     BSD hp300 pmap done by Mike Hibler at University of Utah.
  *     it was then ported to the i386 by William Jolitz of UUNET
  *     Technologies, Inc.   Then Charles M. Hannum of the NetBSD
  *     project fixed some bugs and provided some speed ups.
+ *
  * [2] the FreeBSD i386 pmap.   this pmap seems to be the
  *     Hibler/Jolitz pmap, as modified for FreeBSD by John S. Dyson
  *     and David Greenman.
+ *
  * [3] the Mach pmap.   this pmap, from CMU, seems to have migrated
  *     between several processors.   the VAX version was done by
  *     Avadis Tevanian, Jr., and Michael Wayne Young.    the i386
  *     version was done by Lance Berc, Mike Kupfer, Bob Baron,
  *     David Golub, and Richard Draves.    the alpha version was
  *     done by Alessandro Forin (CMU/Mach) and Chris Demetriou
  *     (NetBSD/alpha).
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: pmap.c,v 1.119 2011/04/14 16:00:21 yamt Exp $");
+__KERNEL_RCSID(0, "$NetBSD: pmap.c,v 1.120 2011/04/27 07:42:11 plunky Exp $");
 #include "opt_user_ldt.h"
 #include "opt_lockdebug.h"
 #include "opt_multiprocessor.h"
 #include "opt_xen.h"
 #if !defined(__x86_64__)
 #include "opt_kstack_dr0.h"
 #endif /* !defined(__x86_64__) */
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/proc.h>
 #include <sys/pool.h>
 #include <sys/kernel.h>
 #include <sys/atomic.h>
 #include <sys/cpu.h>
 #include <sys/intr.h>
 #include <sys/xcall.h>
 #include <uvm/uvm.h>
 #include <dev/isa/isareg.h>
 #include <machine/specialreg.h>
 #include <machine/gdt.h>
 #include <machine/isa_machdep.h>
 #include <machine/cpuvar.h>
 #include <x86/pmap.h>
 #include <x86/pmap_pv.h>
 #include <x86/i82489reg.h>
 #include <x86/i82489var.h>
 #ifdef XEN
 #include <xen/xen3-public/xen.h>
 #include <xen/hypervisor.h>
 #endif
 /* flag to be used for kernel mappings: PG_u on Xen/amd64, 0 otherwise */
 #if defined(XEN) && defined(__x86_64__)
 #define PG_k PG_u
 #else
 #define PG_k 0
 #endif
 /*
  * general info:
+ *
  *  - for an explanation of how the i386 MMU hardware works see
  *    the comments in <machine/pte.h>.
+ *
  *  - for an explanation of the general memory structure used by
  *    this pmap (including the recursive mapping), see the comments
  *    in <machine/pmap.h>.
+ *
  * this file contains the code for the "pmap module."   the module's
  * job is to manage the hardware's virtual to physical address mappings.
  * note that there are two levels of mapping in the VM system:
+ *
  *  [1] the upper layer of the VM system uses vm_map's and vm_map_entry's
  *      to map ranges of virtual address space to objects/files.  for
  *      example, the vm_map may say: "map VA 0x1000 to 0x22000 read-only
  *      to the file /bin/ls starting at offset zero."   note that
  *      the upper layer mapping is not concerned with how individual
  *      vm_pages are mapped.
+ *
  *  [2] the lower layer of the VM system (the pmap) maintains the mappings
  *      from virtual addresses.   it is concerned with which vm_page is
  *      mapped where.   for example, when you run /bin/ls and start
  *      at page 0x1000 the fault routine may lookup the correct page
  *      of the /bin/ls file and then ask the pmap layer to establish
  *      a mapping for it.
+ *
  * note that information in the lower layer of the VM system can be
  * thrown away since it can easily be reconstructed from the info
  * in the upper layer.
+ *
  * data structures we use include:
+ *
  *  - struct pmap: describes the address space of one thread
  *  - struct pv_entry: describes one <PMAP,VA> mapping of a PA
  *  - struct pv_head: there is one pv_head per managed page of
  *	physical memory.   the pv_head points to a list of pv_entry
  *	structures which describe all the <PMAP,VA> pairs that this
  *      page is mapped in.    this is critical for page based operations
  *      such as pmap_page_protect() [change protection on _all_ mappings
  *      of a page]
  */
 /*
  * memory allocation
+ *
  *  - there are three data structures that we must dynamically allocate:
+ *
  * [A] new process' page directory page (PDP)
  *	- plan 1: done at pmap_create() we use
  *	  uvm_km_alloc(kernel_map, PAGE_SIZE)  [fka kmem_alloc] to do this
  *	  allocation.
+ *
  * if we are low in free physical memory then we sleep in
  * uvm_km_alloc -- in this case this is ok since we are creating
  * a new pmap and should not be holding any locks.
+ *
  * if the kernel is totally out of virtual space
  * (i.e. uvm_km_alloc returns NULL), then we panic.
+ *
  * [B] new page tables pages (PTP)
  * 	- call uvm_pagealloc()
  * 		=> success: zero page, add to pm_pdir
  * 		=> failure: we are out of free vm_pages, let pmap_enter()
  *		   tell UVM about it.
+ *
  * note: for kernel PTPs, we start with NKPTP of them.   as we map
  * kernel memory (at uvm_map time) we check to see if we've grown
  * the kernel pmap.   if so, we call the optional function
  * pmap_growkernel() to grow the kernel PTPs in advance.
+ *
  * [C] pv_entry structures
  */
 /*
  * locking
+ *
  * we have the following locks that we must contend with:
+ *
  * mutexes:
+ *
  * - pmap lock (per pmap, part of uvm_object)
  *   this lock protects the fields in the pmap structure including
  *   the non-kernel PDEs in the PDP, and the PTEs.  it also locks
  *   in the alternate PTE space (since that is determined by the
  *   entry in the PDP).
+ *
  * - pvh_lock (per pv_head)
  *   this lock protects the pv_entry list which is chained off the
  *   pv_head structure for a specific managed PA.   it is locked
  *   when traversing the list (e.g. adding/removing mappings,
  *   syncing R/M bits, etc.)
+ *
  * - pmaps_lock
  *   this lock protects the list of active pmaps (headed by "pmaps").
  *   we lock it when adding or removing pmaps from this list.
+ *
  * tlb shootdown
+ *
  * tlb shootdowns are hard interrupts that operate outside the spl
  * framework: they don't need to be blocked provided that the pmap module
  * gets the order of events correct.  the calls are made by talking directly
  * to the lapic.  the stubs to handle the interrupts are quite short and do
  * one of the following: invalidate a single page, a range of pages, all
  * user tlb entries or the entire tlb.
+ *
  * the cpus synchronize with each other using pmap_mbox structures which are
  * aligned on 64-byte cache lines.  tlb shootdowns against the kernel pmap
  * use a global mailbox and are generated using a broadcast ipi (broadcast
  * to all but the sending cpu).  shootdowns against regular pmaps use
  * per-cpu mailboxes and are multicast.  kernel and user shootdowns can
  * execute simultaneously, as can shootdowns within different multithreaded
  * processes.  TODO:
+ *
  *   1. figure out which waitpoints can be deferered to pmap_update().
  *   2. see if there is a cheap way to batch some updates.
  */
 const vaddr_t ptp_masks[] = PTP_MASK_INITIALIZER;
 const int ptp_shifts[] = PTP_SHIFT_INITIALIZER;
 const long nkptpmax[] = NKPTPMAX_INITIALIZER;
 const long nbpd[] = NBPD_INITIALIZER;
 pd_entry_t * const normal_pdes[] = PDES_INITIALIZER;
 pd_entry_t * const alternate_pdes[] = APDES_INITIALIZER;
 long nkptp[] = NKPTP_INITIALIZER;
 static kmutex_t pmaps_lock;
 static vaddr_t pmap_maxkvaddr;
 #define COUNT(x)	/* nothing */
 /*
  * XXX kludge: dummy locking to make KASSERTs in uvm_page.c comfortable.
  * actual locking is done by pm_lock.
  */
 #if defined(DIAGNOSTIC)
 #define	PMAP_SUBOBJ_LOCK(pm, idx) \
 	KASSERT(mutex_owned(&(pm)->pm_lock)); \
 	if ((idx) != 0) \
 		mutex_enter(&(pm)->pm_obj[(idx)].vmobjlock)
 #define	PMAP_SUBOBJ_UNLOCK(pm, idx) \
 	KASSERT(mutex_owned(&(pm)->pm_lock)); \
 	if ((idx) != 0) \
 		mutex_exit(&(pm)->pm_obj[(idx)].vmobjlock)
 #else /* defined(DIAGNOSTIC) */
 #define	PMAP_SUBOBJ_LOCK(pm, idx)	/* nothing */
 #define	PMAP_SUBOBJ_UNLOCK(pm, idx)	/* nothing */
 #endif /* defined(DIAGNOSTIC) */
 /*
  * Misc. event counters.
  */
 struct evcnt pmap_iobmp_evcnt;
 struct evcnt pmap_ldt_evcnt;
 /*
  * Global TLB shootdown mailbox.
  */
 struct evcnt pmap_tlb_evcnt __aligned(64);
 struct pmap_mbox pmap_mbox __aligned(64);
 /*
  * PAT
  */
 #define	PATENTRY(n, type)	(type << ((n) * 8))
 #define	PAT_UC		0x0ULL
 #define	PAT_WC		0x1ULL
 #define	PAT_WT		0x4ULL
 #define	PAT_WP		0x5ULL
 #define	PAT_WB		0x6ULL
 #define	PAT_UCMINUS	0x7ULL
 static bool cpu_pat_enabled = false;
 /*
  * Per-CPU data.  The pmap mailbox is cache intensive so gets its
  * own line.  Note that the mailbox must be the first item.
  */
 struct pmap_cpu {
 	/* TLB shootdown */
 	struct pmap_mbox pc_mbox;
 };
 union {
 	struct pmap_cpu pc;
 	uint8_t padding[64];
 } pmap_cpu[MAXCPUS] __aligned(64);
 /*
  * global data structures
  */
 static struct pmap kernel_pmap_store;	/* the kernel's pmap (proc0) */
 struct pmap *const kernel_pmap_ptr = &kernel_pmap_store;
 /*
  * pmap_pg_g: if our processor supports PG_G in the PTE then we
  * set pmap_pg_g to PG_G (otherwise it is zero).
  */
 int pmap_pg_g = 0;
 /*
  * pmap_largepages: if our processor supports PG_PS and we are
  * using it, this is set to true.
  */
 int pmap_largepages;
 /*
  * i386 physical memory comes in a big contig chunk with a small
  * hole toward the front of it...  the following two paddr_t's
  * (shared with machdep.c) describe the physical address space
  * of this machine.
  */
 paddr_t avail_start;	/* PA of first available physical page */
 paddr_t avail_end;	/* PA of last available physical page */
 #ifdef XEN
 #ifdef __x86_64__
 /* Dummy PGD for user cr3, used between pmap_deactivate() and pmap_activate() */
 static paddr_t xen_dummy_user_pgd;
 #endif /* __x86_64__ */
 paddr_t pmap_pa_start; /* PA of first physical page for this domain */
 paddr_t pmap_pa_end;   /* PA of last physical page for this domain */
 #endif /* XEN */
 #define	VM_PAGE_TO_PP(pg)	(&(pg)->mdpage.mp_pp)
 #define	pp_lock(pp)	mutex_spin_enter(&(pp)->pp_lock)
 #define	pp_unlock(pp)	mutex_spin_exit(&(pp)->pp_lock)
 #define	pp_locked(pp)	mutex_owned(&(pp)->pp_lock)
 #define	PV_HASH_SIZE		32768
 #define	PV_HASH_LOCK_CNT	32
 struct pv_hash_lock {
 	kmutex_t lock;
 } __aligned(CACHE_LINE_SIZE) pv_hash_locks[PV_HASH_LOCK_CNT]
     __aligned(CACHE_LINE_SIZE);
 struct pv_hash_head {
 	SLIST_HEAD(, pv_entry) hh_list;
 } pv_hash_heads[PV_HASH_SIZE];
 static u_int
 pvhash_hash(struct vm_page *ptp, vaddr_t va)
+{
 	return (uintptr_t)ptp / sizeof(*ptp) + (va >> PAGE_SHIFT);
+}
 static struct pv_hash_head *
 pvhash_head(u_int hash)
+{
 	return &pv_hash_heads[hash % PV_HASH_SIZE];
+}
 static kmutex_t *
 pvhash_lock(u_int hash)
+{
 	return &pv_hash_locks[hash % PV_HASH_LOCK_CNT].lock;
+}
 static struct pv_entry *
 pvhash_remove(struct pv_hash_head *hh, struct vm_page *ptp, vaddr_t va)
+{
 	struct pv_entry *pve;
 	struct pv_entry *prev;
 	prev = NULL;
 	SLIST_FOREACH(pve, &hh->hh_list, pve_hash) {
 		if (pve->pve_pte.pte_ptp == ptp &&
 		    pve->pve_pte.pte_va == va) {
 			if (prev != NULL) {
 				SLIST_REMOVE_AFTER(prev, pve_hash);
 			} else {
 				SLIST_REMOVE_HEAD(&hh->hh_list, pve_hash);
+			}
 			break;
+		}
 		prev = pve;
+	}
 	return pve;
+}
 /*
  * other data structures
  */
 static pt_entry_t protection_codes[8];	/* maps MI prot to i386 prot code */
 static bool pmap_initialized = false;	/* pmap_init done yet? */
 /*
  * the following two vaddr_t's are used during system startup
  * to keep track of how much of the kernel's VM space we have used.
  * once the system is started, the management of the remaining kernel
  * VM space is turned over to the kernel_map vm_map.
  */
 static vaddr_t virtual_avail;	/* VA of first free KVA */
 static vaddr_t virtual_end;	/* VA of last free KVA */
 /*
  * linked list of all non-kernel pmaps
  */
 static struct pmap_head pmaps;
 /*
  * pool that pmap structures are allocated from
  */
 static struct pool_cache pmap_cache;
 /*
  * pv_entry cache
  */
 static struct pool_cache pmap_pv_cache;
 /*
  * MULTIPROCESSOR: special VA's/ PTE's are actually allocated inside a
  * maxcpus*NPTECL array of PTE's, to avoid cache line thrashing
  * due to false sharing.
  */
 #ifdef MULTIPROCESSOR
 #define PTESLEW(pte, id) ((pte)+(id)*NPTECL)
 #define VASLEW(va,id) ((va)+(id)*NPTECL*PAGE_SIZE)
 #else
 #define PTESLEW(pte, id) (pte)
 #define VASLEW(va,id) (va)
 #endif
 /*
  * special VAs and the PTEs that map them
  */
 static pt_entry_t *csrc_pte, *cdst_pte, *zero_pte, *ptp_pte, *early_zero_pte;
 static char *csrcp, *cdstp, *zerop, *ptpp, *early_zerop;
 int pmap_enter_default(pmap_t, vaddr_t, paddr_t, vm_prot_t, u_int);
 /*
  * pool and cache that PDPs are allocated from
  */
 static struct pool_cache pmap_pdp_cache;
 int	pmap_pdp_ctor(void *, void *, int);
 void	pmap_pdp_dtor(void *, void *);
 #ifdef PAE
 /* need to allocate items of 4 pages */
 void *pmap_pdp_alloc(struct pool *, int);
 void pmap_pdp_free(struct pool *, void *);
 static struct pool_allocator pmap_pdp_allocator = {
 	.pa_alloc = pmap_pdp_alloc,
 	.pa_free = pmap_pdp_free,
 	.pa_pagesz = PAGE_SIZE * PDP_SIZE,
 };
 #endif /* PAE */
 void *vmmap; /* XXX: used by mem.c... it should really uvm_map_reserve it */
 extern vaddr_t idt_vaddr;			/* we allocate IDT early */
 extern paddr_t idt_paddr;
 #ifdef _LP64
 extern vaddr_t lo32_vaddr;
 extern vaddr_t lo32_paddr;
 #endif
 extern int end;
 #ifdef i386
 /* stuff to fix the pentium f00f bug */
 extern vaddr_t pentium_idt_vaddr;
 #endif
 /*
  * local prototypes
  */
 static struct vm_page	*pmap_get_ptp(struct pmap *, vaddr_t,
 				      pd_entry_t * const *);
 static struct vm_page	*pmap_find_ptp(struct pmap *, vaddr_t, paddr_t, int);
 static void		 pmap_freepage(struct pmap *, struct vm_page *, int);
 static void		 pmap_free_ptp(struct pmap *, struct vm_page *,
 				       vaddr_t, pt_entry_t *,
 				       pd_entry_t * const *);
 static bool		 pmap_is_curpmap(struct pmap *);
 static bool		 pmap_is_active(struct pmap *, struct cpu_info *, bool);
 static bool		 pmap_remove_pte(struct pmap *, struct vm_page *,
 					 pt_entry_t *, vaddr_t,
 					 struct pv_entry **);
 static pt_entry_t	 pmap_remove_ptes(struct pmap *, struct vm_page *,
 					  vaddr_t, vaddr_t, vaddr_t,
 					  struct pv_entry **);
 static void		 pmap_unmap_apdp(void);
 static bool		 pmap_get_physpage(vaddr_t, int, paddr_t *);
 static void		 pmap_alloc_level(pd_entry_t * const *, vaddr_t, int,
 					  long *);
 static bool		 pmap_reactivate(struct pmap *);
 /*
  * p m a p   h e l p e r   f u n c t i o n s
  */
 static inline void
 pmap_stats_update(struct pmap *pmap, int resid_diff, int wired_diff)
+{
 	if (pmap == pmap_kernel()) {
 		atomic_add_long(&pmap->pm_stats.resident_count, resid_diff);
 		atomic_add_long(&pmap->pm_stats.wired_count, wired_diff);
 	} else {
 		KASSERT(mutex_owned(&pmap->pm_lock));
 		pmap->pm_stats.resident_count += resid_diff;
 		pmap->pm_stats.wired_count += wired_diff;
+	}
+}
 static inline void
 pmap_stats_update_bypte(struct pmap *pmap, pt_entry_t npte, pt_entry_t opte)
+{
 	int resid_diff = ((npte & PG_V) ? 1 : 0) - ((opte & PG_V) ? 1 : 0);
 	int wired_diff = ((npte & PG_W) ? 1 : 0) - ((opte & PG_W) ? 1 : 0);
 	KASSERT((npte & (PG_V | PG_W)) != PG_W);
 	KASSERT((opte & (PG_V | PG_W)) != PG_W);
 	pmap_stats_update(pmap, resid_diff, wired_diff);
+}
 /*
  * ptp_to_pmap: lookup pmap by ptp
  */
 static struct pmap *
 ptp_to_pmap(struct vm_page *ptp)
+{
 	struct pmap *pmap;
 	if (ptp == NULL) {
 		return pmap_kernel();
+	}
 	pmap = (struct pmap *)ptp->uobject;
 	KASSERT(pmap != NULL);
 	KASSERT(&pmap->pm_obj[0] == ptp->uobject);
 	return pmap;
+}
 static inline struct pv_pte *
 pve_to_pvpte(struct pv_entry *pve)
+{
 	KASSERT((void *)&pve->pve_pte == (void *)pve);
 	return &pve->pve_pte;
+}
 static inline struct pv_entry *
 pvpte_to_pve(struct pv_pte *pvpte)
+{
 	struct pv_entry *pve = (void *)pvpte;
 	KASSERT(pve_to_pvpte(pve) == pvpte);
 	return pve;
+}
 /*
  * pv_pte_first, pv_pte_next: PV list iterator.
  */
 static struct pv_pte *
 pv_pte_first(struct pmap_page *pp)
+{
 	KASSERT(pp_locked(pp));
 	if ((pp->pp_flags & PP_EMBEDDED) != 0) {
 		return &pp->pp_pte;
+	}
 	return pve_to_pvpte(LIST_FIRST(&pp->pp_head.pvh_list));
+}
 static struct pv_pte *
 pv_pte_next(struct pmap_page *pp, struct pv_pte *pvpte)
+{
 	KASSERT(pvpte != NULL);
 	KASSERT(pp_locked(pp));
 	if (pvpte == &pp->pp_pte) {
 		KASSERT((pp->pp_flags & PP_EMBEDDED) != 0);
 		return NULL;
+	}
 	KASSERT((pp->pp_flags & PP_EMBEDDED) == 0);
 	return pve_to_pvpte(LIST_NEXT(pvpte_to_pve(pvpte), pve_list));
+}
 /*
  * pmap_is_curpmap: is this pmap the one currently loaded [in %cr3]?
  *		of course the kernel is always loaded
  */
 inline static bool
 pmap_is_curpmap(struct pmap *pmap)
+{
 #if defined(XEN) && defined(__x86_64__)
 	/*
 	 * Only kernel pmap is physically loaded.
 	 * User PGD may be active, but TLB will be flushed
 	 * with HYPERVISOR_iret anyway, so let's say no
 	 */
 	return(pmap == pmap_kernel());
 #else /* XEN && __x86_64__*/
 	return((pmap == pmap_kernel()) ||
 	       (pmap == curcpu()->ci_pmap));
 #endif
+}
 /*
  * pmap_is_active: is this pmap loaded into the specified processor's %cr3?
  */
 inline static bool
 pmap_is_active(struct pmap *pmap, struct cpu_info *ci, bool kernel)
+{
 	return (pmap == pmap_kernel() ||
 	    (pmap->pm_cpus & ci->ci_cpumask) != 0 ||
 	    (kernel && (pmap->pm_kernel_cpus & ci->ci_cpumask) != 0));
+}
 static void
 pmap_apte_flush(struct pmap *pmap)
+{
 	KASSERT(kpreempt_disabled());
 	/*
 	 * Flush the APTE mapping from all other CPUs that
 	 * are using the pmap we are using (who's APTE space
 	 * is the one we've just modified).
+	 *
 	 * XXXthorpej -- find a way to defer the IPI.
 	 */
 	pmap_tlb_shootdown(pmap, (vaddr_t)-1LL, 0, 0);
 	pmap_tlb_shootwait();
+}
 /*
  * Unmap the content of APDP PDEs
  */
 static void
 pmap_unmap_apdp(void)
+{
 	int i;
 	for (i = 0; i < PDP_SIZE; i++) {
 		pmap_pte_set(APDP_PDE+i, 0);
 #if defined (XEN) && defined (PAE)
 		/* clear shadow entries too */
 		pmap_pte_set(APDP_PDE_SHADOW+i, 0);
 #endif
+	}
+}
 /*
  *	Add a reference to the specified pmap.
  */
-inline void
+void
 pmap_reference(struct pmap *pmap)
+{
 	atomic_inc_uint(&pmap->pm_obj[0].uo_refs);
+}
 /*
  * pmap_map_ptes: map a pmap's PTEs into KVM and lock them in
+ *
  * => we lock enough pmaps to keep things locked in
  * => must be undone with pmap_unmap_ptes before returning
  */
 void
 pmap_map_ptes(struct pmap *pmap, struct pmap **pmap2,
 	      pd_entry_t **ptepp, pd_entry_t * const **pdeppp)
+{
 	pd_entry_t opde, npde;
 	struct pmap *ourpmap;
 	struct cpu_info *ci;
 	struct lwp *l;
 	bool iscurrent;
 	uint64_t ncsw;
 #ifdef XEN
 	int s, i;
 #endif
 	/* the kernel's pmap is always accessible */
 	if (pmap == pmap_kernel()) {
 		*pmap2 = NULL;
 		*ptepp = PTE_BASE;
 		*pdeppp = normal_pdes;
 		return;
+	}
 	KASSERT(kpreempt_disabled());
  retry:
 	l = curlwp;
 	ncsw = l->l_ncsw;
  	ourpmap = NULL;
 	ci = curcpu();
 #if defined(XEN) && defined(__x86_64__)
 	/*
 	 * curmap can only be pmap_kernel so at this point
 	 * pmap_is_curpmap is always false
 	 */
 	iscurrent = 0;
 	ourpmap = pmap_kernel();
 #else /* XEN && __x86_64__*/
 	if (ci->ci_want_pmapload &&
 	    vm_map_pmap(&l->l_proc->p_vmspace->vm_map) == pmap) {
 		pmap_load();
 		if (l->l_ncsw != ncsw)
 			goto retry;
+	}
 	iscurrent = pmap_is_curpmap(pmap);
 	/* if curpmap then we are always mapped */
 	if (iscurrent) {
 		mutex_enter(&pmap->pm_lock);
 		*pmap2 = NULL;
 		*ptepp = PTE_BASE;
 		*pdeppp = normal_pdes;
 		goto out;
+	}
 	ourpmap = ci->ci_pmap;
 #endif /* XEN && __x86_64__ */
 	/* need to lock both curpmap and pmap: use ordered locking */
 	pmap_reference(ourpmap);
 	if ((uintptr_t) pmap < (uintptr_t) ourpmap) {
 		mutex_enter(&pmap->pm_lock);
 		mutex_enter(&ourpmap->pm_lock);
 	} else {
 		mutex_enter(&ourpmap->pm_lock);
 		mutex_enter(&pmap->pm_lock);
+	}
 	if (l->l_ncsw != ncsw)
 		goto unlock_and_retry;
 	/* need to load a new alternate pt space into curpmap? */
 	COUNT(apdp_pde_map);
 	opde = *APDP_PDE;
 	if (!pmap_valid_entry(opde) ||
 	    pmap_pte2pa(opde) != pmap_pdirpa(pmap, 0)) {
 #ifdef XEN
 		s = splvm();
 		/* Make recursive entry usable in user PGD */
 		for (i = 0; i < PDP_SIZE; i++) {
 			npde = pmap_pa2pte(
 			    pmap_pdirpa(pmap, i * NPDPG)) | PG_k | PG_V;
 			xpq_queue_pte_update(
 			    xpmap_ptom(pmap_pdirpa(pmap, PDIR_SLOT_PTE + i)),
 			    npde);
 			xpq_queue_pte_update(xpmap_ptetomach(&APDP_PDE[i]),
 			    npde);
 #ifdef PAE
 			/* update shadow entry too */
 			xpq_queue_pte_update(
 			    xpmap_ptetomach(&APDP_PDE_SHADOW[i]), npde);
 #endif /* PAE */
 			xpq_queue_invlpg(
 			    (vaddr_t)&pmap->pm_pdir[PDIR_SLOT_PTE + i]);
+		}
 		if (pmap_valid_entry(opde))
 			pmap_apte_flush(ourpmap);
 		splx(s);
 #else /* XEN */
 		int i;
 		for (i = 0; i < PDP_SIZE; i++) {
 			npde = pmap_pa2pte(
 			    pmap_pdirpa(pmap, i * NPDPG)) | PG_RW | PG_V;
 			pmap_pte_set(APDP_PDE+i, npde);
+		}
 		pmap_pte_flush();
 		if (pmap_valid_entry(opde))
 			pmap_apte_flush(ourpmap);
 #endif /* XEN */
+	}
 	*pmap2 = ourpmap;
 	*ptepp = APTE_BASE;
 	*pdeppp = alternate_pdes;
 	KASSERT(l->l_ncsw == ncsw);
 #if !defined(XEN) || !defined(__x86_64__)
  out:
 #endif
  	/*
  	 * might have blocked, need to retry?
  	 */
 	if (l->l_ncsw != ncsw) {
  unlock_and_retry:
 	    	if (ourpmap != NULL) {
 			mutex_exit(&ourpmap->pm_lock);
 			pmap_destroy(ourpmap);
+		}
 		mutex_exit(&pmap->pm_lock);
 		goto retry;
+	}
 	return;
+}
 /*
  * pmap_unmap_ptes: unlock the PTE mapping of "pmap"
  */
 void
 pmap_unmap_ptes(struct pmap *pmap, struct pmap *pmap2)
+{
 	if (pmap == pmap_kernel()) {
 		return;
+	}
 	KASSERT(kpreempt_disabled());
 	if (pmap2 == NULL) {
 		mutex_exit(&pmap->pm_lock);
 	} else {
 #if defined(XEN) && defined(__x86_64__)
 		KASSERT(pmap2 == pmap_kernel());
 #else
 		KASSERT(curcpu()->ci_pmap == pmap2);
 #endif
 #if defined(MULTIPROCESSOR)
 		pmap_unmap_apdp();
 		pmap_pte_flush();
 		pmap_apte_flush(pmap2);
 #endif
 		COUNT(apdp_pde_unmap);
 		mutex_exit(&pmap->pm_lock);
 		mutex_exit(&pmap2->pm_lock);
 		pmap_destroy(pmap2);
+	}
+}
 inline static void
 pmap_exec_account(struct pmap *pm, vaddr_t va, pt_entry_t opte, pt_entry_t npte)
+{
 #if !defined(__x86_64__)
 	if (curproc == NULL || curproc->p_vmspace == NULL ||
 	    pm != vm_map_pmap(&curproc->p_vmspace->vm_map))
 		return;
 	if ((opte ^ npte) & PG_X)
 		pmap_update_pg(va);
 	/*
 	 * Executability was removed on the last executable change.
 	 * Reset the code segment to something conservative and
 	 * let the trap handler deal with setting the right limit.
 	 * We can't do that because of locking constraints on the vm map.
 	 */
 	if ((opte & PG_X) && (npte & PG_X) == 0 && va == pm->pm_hiexec) {
 		struct trapframe *tf = curlwp->l_md.md_regs;
 		tf->tf_cs = GSEL(GUCODE_SEL, SEL_UPL);
 		pm->pm_hiexec = I386_MAX_EXE_ADDR;
+	}
 #endif /* !defined(__x86_64__) */
+}
 #if !defined(__x86_64__)
 /*
  * Fixup the code segment to cover all potential executable mappings.
  * returns 0 if no changes to the code segment were made.
  */
 int
 pmap_exec_fixup(struct vm_map *map, struct trapframe *tf, struct pcb *pcb)
+{
 	struct vm_map_entry *ent;
 	struct pmap *pm = vm_map_pmap(map);
 	vaddr_t va = 0;
 	vm_map_lock_read(map);
 	for (ent = (&map->header)->next; ent != &map->header; ent = ent->next) {
 		/*
 		 * This entry has greater va than the entries before.
 		 * We need to make it point to the last page, not past it.
 		 */
 		if (ent->protection & VM_PROT_EXECUTE)
 			va = trunc_page(ent->end) - PAGE_SIZE;
+	}
 	vm_map_unlock_read(map);
 	if (va == pm->pm_hiexec && tf->tf_cs == GSEL(GUCODEBIG_SEL, SEL_UPL))
 		return (0);
 	pm->pm_hiexec = va;
 	if (pm->pm_hiexec > I386_MAX_EXE_ADDR) {
 		tf->tf_cs = GSEL(GUCODEBIG_SEL, SEL_UPL);
 	} else {
 		tf->tf_cs = GSEL(GUCODE_SEL, SEL_UPL);
 		return (0);
+	}
 	return (1);
+}
 #endif /* !defined(__x86_64__) */
 void
 pat_init(struct cpu_info *ci)
+{
 	uint64_t pat;
 	if (!(ci->ci_feat_val[0] & CPUID_PAT))
 		return;
 	/* We change WT to WC. Leave all other entries the default values. */
 	pat = PATENTRY(0, PAT_WB) | PATENTRY(1, PAT_WC) |
 	      PATENTRY(2, PAT_UCMINUS) | PATENTRY(3, PAT_UC) |
 	      PATENTRY(4, PAT_WB) | PATENTRY(5, PAT_WC) |
 	      PATENTRY(6, PAT_UCMINUS) | PATENTRY(7, PAT_UC);
 	wrmsr(MSR_CR_PAT, pat);
 	cpu_pat_enabled = true;
 	aprint_debug_dev(ci->ci_dev, "PAT enabled\n");
+}
 static pt_entry_t
 pmap_pat_flags(u_int flags)
+{
 	u_int cacheflags = (flags & PMAP_CACHE_MASK);
 	if (!cpu_pat_enabled) {
 		switch (cacheflags) {
 		case PMAP_NOCACHE:
 		case PMAP_NOCACHE_OVR:
 			/* results in PGC_UCMINUS on cpus which have
 			 * the cpuid PAT but PAT "disabled"
 			 */
 			return PG_N;
 		default:
 			return 0;
+		}
+	}
 	switch (cacheflags) {
 	case PMAP_NOCACHE:
 		return PGC_UC;
 	case PMAP_WRITE_COMBINE:
 		return PGC_WC;
 	case PMAP_WRITE_BACK:
 		return PGC_WB;
 	case PMAP_NOCACHE_OVR:
 		return PGC_UCMINUS;
+	}
 	return 0;
+}
 /*
  * p m a p   k e n t e r   f u n c t i o n s
+ *
  * functions to quickly enter/remove pages from the kernel address
  * space.   pmap_kremove is exported to MI kernel.  we make use of
  * the recursive PTE mappings.
  */
 /*
  * pmap_kenter_pa: enter a kernel mapping without R/M (pv_entry) tracking
+ *
  * => no need to lock anything, assume va is already allocated
  * => should be faster than normal pmap enter function
  */
 void
 pmap_kenter_pa(vaddr_t va, paddr_t pa, vm_prot_t prot, u_int flags)
+{
 	pt_entry_t *pte, opte, npte;
 	KASSERT(!(prot & ~VM_PROT_ALL));
 	if (va < VM_MIN_KERNEL_ADDRESS)
 		pte = vtopte(va);
 	else
 		pte = kvtopte(va);
 #ifdef DOM0OPS
 	if (pa < pmap_pa_start || pa >= pmap_pa_end) {
 #ifdef DEBUG
 		printk("pmap_kenter_pa: pa 0x%" PRIx64 " for va 0x%" PRIx64
 		    " outside range\n", (int64_t)pa, (int64_t)va);
 #endif /* DEBUG */
 		npte = pa;
 	} else
 #endif /* DOM0OPS */
 		npte = pmap_pa2pte(pa);
 	npte |= protection_codes[prot] | PG_k | PG_V | pmap_pg_g;
 	npte |= pmap_pat_flags(flags);
 	opte = pmap_pte_testset(pte, npte); /* zap! */
 #if defined(DIAGNOSTIC)
 	/* XXX For now... */
 	if (opte & PG_PS)
 		panic("pmap_kenter_pa: PG_PS");
 #endif
 	if ((opte & (PG_V | PG_U)) == (PG_V | PG_U)) {
 		/* This should not happen, so no need to batch updates. */
 		kpreempt_disable();
 		pmap_tlb_shootdown(pmap_kernel(), va, 0, opte);
 		kpreempt_enable();
+	}
+}
 void
 pmap_emap_enter(vaddr_t va, paddr_t pa, vm_prot_t prot)
+{
 	pt_entry_t *pte, opte, npte;
 	KASSERT((prot & ~VM_PROT_ALL) == 0);
 	pte = (va < VM_MIN_KERNEL_ADDRESS) ? vtopte(va) : kvtopte(va);
 #ifdef DOM0OPS
 	if (pa < pmap_pa_start || pa >= pmap_pa_end) {
 		npte = pa;
 	} else
 #endif
 		npte = pmap_pa2pte(pa);
 	npte = pmap_pa2pte(pa);
 	npte |= protection_codes[prot] | PG_k | PG_V;
 	opte = pmap_pte_testset(pte, npte);
+}
 /*
  * pmap_emap_sync: perform TLB flush or pmap load, if it was deferred.
  */
 void
 pmap_emap_sync(bool canload)
+{
 	struct cpu_info *ci = curcpu();
 	struct pmap *pmap;
 	KASSERT(kpreempt_disabled());
 	if (__predict_true(ci->ci_want_pmapload && canload)) {
 		/*
 		 * XXX: Hint for pmap_reactivate(), which might suggest to
 		 * not perform TLB flush, if state has not changed.
 		 */
 		pmap = vm_map_pmap(&curlwp->l_proc->p_vmspace->vm_map);
 		if (__predict_false(pmap == ci->ci_pmap)) {
 			const uint32_t cpumask = ci->ci_cpumask;
 			atomic_and_32(&pmap->pm_cpus, ~cpumask);
+		}
 		pmap_load();
 		KASSERT(ci->ci_want_pmapload == 0);
 	} else {
 		tlbflush();
+	}
+}
 void
 pmap_emap_remove(vaddr_t sva, vsize_t len)
+{
 	pt_entry_t *pte, xpte;
 	vaddr_t va, eva = sva + len;
 	for (va = sva; va < eva; va += PAGE_SIZE) {
 		pte = (va < VM_MIN_KERNEL_ADDRESS) ? vtopte(va) : kvtopte(va);
 		xpte |= pmap_pte_testset(pte, 0);
+	}
+}
 __weak_alias(pmap_kenter_ma, pmap_kenter_pa);
 #if defined(__x86_64__)
 /*
  * Change protection for a virtual address. Local for a CPU only, don't
  * care about TLB shootdowns.
+ *
  * => must be called with preemption disabled
  */
 void
 pmap_changeprot_local(vaddr_t va, vm_prot_t prot)
+{
 	pt_entry_t *pte, opte, npte;
 	KASSERT(kpreempt_disabled());
 	if (va < VM_MIN_KERNEL_ADDRESS)
 		pte = vtopte(va);
 	else
 		pte = kvtopte(va);
 	npte = opte = *pte;
 	if ((prot & VM_PROT_WRITE) != 0)
 		npte |= PG_RW;
 	else
 		npte &= ~PG_RW;
 	if (opte != npte) {
 		pmap_pte_set(pte, npte);
 		pmap_pte_flush();
 		invlpg(va);
+	}
+}
 #endif /* defined(__x86_64__) */
 /*
  * pmap_kremove: remove a kernel mapping(s) without R/M (pv_entry) tracking
+ *
  * => no need to lock anything
  * => caller must dispose of any vm_page mapped in the va range
  * => note: not an inline function
  * => we assume the va is page aligned and the len is a multiple of PAGE_SIZE
  * => we assume kernel only unmaps valid addresses and thus don't bother
  *    checking the valid bit before doing TLB flushing
  * => must be followed by call to pmap_update() before reuse of page
  */
 void
 pmap_kremove(vaddr_t sva, vsize_t len)
+{
 	pt_entry_t *pte, xpte;
 	vaddr_t va, eva;
 	eva = sva + len;
 	xpte = 0;
 	for (va = sva; va < eva; va += PAGE_SIZE) {
 		if (va < VM_MIN_KERNEL_ADDRESS)
 			pte = vtopte(va);
 		else
 			pte = kvtopte(va);
 		xpte |= pmap_pte_testset(pte, 0); /* zap! */
 #if defined(DIAGNOSTIC)
 		/* XXX For now... */
 		if (xpte & PG_PS)
 			panic("pmap_kremove: PG_PS");
 		if (xpte & PG_PVLIST)
 			panic("pmap_kremove: PG_PVLIST mapping for 0x%lx",
 			      va);
 #endif
+	}
 	if ((xpte & (PG_V | PG_U)) == (PG_V | PG_U)) {
 		kpreempt_disable();
 		pmap_tlb_shootdown(pmap_kernel(), sva, eva, xpte);
 		kpreempt_enable();
+	}
+}
 /*
  * p m a p   i n i t   f u n c t i o n s
+ *
  * pmap_bootstrap and pmap_init are called during system startup
  * to init the pmap module.   pmap_bootstrap() does a low level
  * init just to get things rolling.   pmap_init() finishes the job.
  */
 /*
  * pmap_bootstrap: get the system in a state where it can run with VM
  *	properly enabled (called before main()).   the VM system is
  *      fully init'd later...
+ *
  * => on i386, locore.s has already enabled the MMU by allocating
  *	a PDP for the kernel, and nkpde PTP's for the kernel.
  * => kva_start is the first free virtual address in kernel space
  */
 void
 pmap_bootstrap(vaddr_t kva_start)
+{
 	struct pmap *kpm;
 	pt_entry_t *pte;
 	int i;
 	vaddr_t kva;
 #ifndef XEN
 	unsigned long p1i;
 	vaddr_t kva_end;
 #endif
 	pt_entry_t pg_nx = (cpu_feature[2] & CPUID_NOX ? PG_NX : 0);
 	/*
 	 * set up our local static global vars that keep track of the
 	 * usage of KVM before kernel_map is set up
 	 */
 	virtual_avail = kva_start;		/* first free KVA */
 	virtual_end = VM_MAX_KERNEL_ADDRESS;	/* last KVA */
 	/*
 	 * set up protection_codes: we need to be able to convert from
 	 * a MI protection code (some combo of VM_PROT...) to something
 	 * we can jam into a i386 PTE.
 	 */
 	protection_codes[VM_PROT_NONE] = pg_nx;			/* --- */
 	protection_codes[VM_PROT_EXECUTE] = PG_RO | PG_X;	/* --x */
 	protection_codes[VM_PROT_READ] = PG_RO | pg_nx;		/* -r- */
 	protection_codes[VM_PROT_READ|VM_PROT_EXECUTE] = PG_RO | PG_X;/* -rx */
 	protection_codes[VM_PROT_WRITE] = PG_RW | pg_nx;	/* w-- */
 	protection_codes[VM_PROT_WRITE|VM_PROT_EXECUTE] = PG_RW | PG_X;/* w-x */
 	protection_codes[VM_PROT_WRITE|VM_PROT_READ] = PG_RW | pg_nx;
 								/* wr- */
 	protection_codes[VM_PROT_ALL] = PG_RW | PG_X;		/* wrx */
 	/*
 	 * now we init the kernel's pmap
+	 *
 	 * the kernel pmap's pm_obj is not used for much.   however, in
 	 * user pmaps the pm_obj contains the list of active PTPs.
 	 * the pm_obj currently does not have a pager.   it might be possible
 	 * to add a pager that would allow a process to read-only mmap its
 	 * own page tables (fast user level vtophys?).   this may or may not
 	 * be useful.
 	 */
 	kpm = pmap_kernel();
 	for (i = 0; i < PTP_LEVELS - 1; i++) {
 		UVM_OBJ_INIT(&kpm->pm_obj[i], NULL, 1);
 		kpm->pm_ptphint[i] = NULL;
+	}
 	memset(&kpm->pm_list, 0, sizeof(kpm->pm_list));  /* pm_list not used */
 	kpm->pm_pdir = (pd_entry_t *)(PDPpaddr + KERNBASE);
 	for (i = 0; i < PDP_SIZE; i++)
 		kpm->pm_pdirpa[i] = PDPpaddr + PAGE_SIZE * i;
 	kpm->pm_stats.wired_count = kpm->pm_stats.resident_count =
 		x86_btop(kva_start - VM_MIN_KERNEL_ADDRESS);
 	/*
 	 * the above is just a rough estimate and not critical to the proper
 	 * operation of the system.
 	 */
 #ifndef XEN
 	/*
 	 * Begin to enable global TLB entries if they are supported.
 	 * The G bit has no effect until the CR4_PGE bit is set in CR4,
 	 * which happens in cpu_init(), which is run on each cpu
 	 * (and happens later)
 	 */
 	if (cpu_feature[0] & CPUID_PGE) {
 		pmap_pg_g = PG_G;		/* enable software */
 		/* add PG_G attribute to already mapped kernel pages */
 		if (KERNBASE == VM_MIN_KERNEL_ADDRESS) {
 			kva_end = virtual_avail;
 		} else {
 			extern vaddr_t eblob, esym;
 			kva_end = (vaddr_t)&end;
 			if (esym > kva_end)
 				kva_end = esym;
 			if (eblob > kva_end)
 				kva_end = eblob;
 			kva_end = roundup(kva_end, PAGE_SIZE);
+		}
 		for (kva = KERNBASE; kva < kva_end; kva += PAGE_SIZE) {
 			p1i = pl1_i(kva);
 			if (pmap_valid_entry(PTE_BASE[p1i]))
 				PTE_BASE[p1i] |= PG_G;
+		}
+	}
 	/*
 	 * enable large pages if they are supported.
 	 */
 	if (cpu_feature[0] & CPUID_PSE) {
 		paddr_t pa;
 		pd_entry_t *pde;
 		extern char __data_start;
 		lcr4(rcr4() | CR4_PSE);	/* enable hardware (via %cr4) */
 		pmap_largepages = 1;	/* enable software */
 		/*
 		 * the TLB must be flushed after enabling large pages
 		 * on Pentium CPUs, according to section 3.6.2.2 of
 		 * "Intel Architecture Software Developer's Manual,
 		 * Volume 3: System Programming".
 		 */
 		tlbflush();
 		/*
 		 * now, remap the kernel text using large pages.  we
 		 * assume that the linker has properly aligned the
 		 * .data segment to a NBPD_L2 boundary.
 		 */
 		kva_end = rounddown((vaddr_t)&__data_start, NBPD_L1);
 		for (pa = 0, kva = KERNBASE; kva + NBPD_L2 <= kva_end;
 		     kva += NBPD_L2, pa += NBPD_L2) {
 			pde = &L2_BASE[pl2_i(kva)];
 			*pde = pa | pmap_pg_g | PG_PS |
 			    PG_KR | PG_V;	/* zap! */
 			tlbflush();
+		}
 #if defined(DEBUG)
 		aprint_normal("kernel text is mapped with %" PRIuPSIZE " large "
 		    "pages and %" PRIuPSIZE " normal pages\n",
 		    howmany(kva - KERNBASE, NBPD_L2),
 		    howmany((vaddr_t)&__data_start - kva, NBPD_L1));
 #endif /* defined(DEBUG) */
+	}
 #endif /* !XEN */
 	if (VM_MIN_KERNEL_ADDRESS != KERNBASE) {
 		/*
 		 * zero_pte is stuck at the end of mapped space for the kernel
 		 * image (disjunct from kva space). This is done so that it
 		 * can safely be used in pmap_growkernel (pmap_get_physpage),
 		 * when it's called for the first time.
 		 * XXXfvdl fix this for MULTIPROCESSOR later.
 		 */
 		early_zerop = (void *)(KERNBASE + NKL2_KIMG_ENTRIES * NBPD_L2);
 		early_zero_pte = PTE_BASE + pl1_i((vaddr_t)early_zerop);
+	}
 	/*
 	 * now we allocate the "special" VAs which are used for tmp mappings
 	 * by the pmap (and other modules).    we allocate the VAs by advancing
 	 * virtual_avail (note that there are no pages mapped at these VAs).
 	 * we find the PTE that maps the allocated VA via the linear PTE
 	 * mapping.
 	 */
 	pte = PTE_BASE + pl1_i(virtual_avail);
 #ifdef MULTIPROCESSOR
 	/*
 	 * Waste some VA space to avoid false sharing of cache lines
 	 * for page table pages: Give each possible CPU a cache line
 	 * of PTE's (8) to play with, though we only need 4.  We could
 	 * recycle some of this waste by putting the idle stacks here
 	 * as well; we could waste less space if we knew the largest
 	 * CPU ID beforehand.
 	 */
 	csrcp = (char *) virtual_avail;  csrc_pte = pte;
 	cdstp = (char *) virtual_avail+PAGE_SIZE;  cdst_pte = pte+1;
 	zerop = (char *) virtual_avail+PAGE_SIZE*2;  zero_pte = pte+2;
 	ptpp = (char *) virtual_avail+PAGE_SIZE*3;  ptp_pte = pte+3;
 	virtual_avail += PAGE_SIZE * maxcpus * NPTECL;
 	pte += maxcpus * NPTECL;
 #else
 	csrcp = (void *) virtual_avail;  csrc_pte = pte;	/* allocate */
 	virtual_avail += PAGE_SIZE; pte++;			/* advance */
 	cdstp = (void *) virtual_avail;  cdst_pte = pte;
 	virtual_avail += PAGE_SIZE; pte++;
 	zerop = (void *) virtual_avail;  zero_pte = pte;
 	virtual_avail += PAGE_SIZE; pte++;
 	ptpp = (void *) virtual_avail;  ptp_pte = pte;
 	virtual_avail += PAGE_SIZE; pte++;
 #endif
 	if (VM_MIN_KERNEL_ADDRESS == KERNBASE) {
 		early_zerop = zerop;
 		early_zero_pte = zero_pte;
+	}
 	/*
 	 * Nothing after this point actually needs pte;
 	 */
 	pte = (void *)0xdeadbeef;
 	/* XXX: vmmap used by mem.c... should be uvm_map_reserve */
 	/* XXXfvdl PTEs not needed here */
 	vmmap = (char *)virtual_avail;			/* don't need pte */
 	virtual_avail += PAGE_SIZE; pte++;
 #ifdef XEN
 #ifdef __x86_64__
 	/*
 	 * We want a dummy page directory for Xen:
 	 * when deactivate a pmap, Xen will still consider it active.
 	 * So we set user PGD to this one to lift all protection on
 	 * the now inactive page tables set.
 	 */
 	xen_dummy_user_pgd = avail_start;
 	avail_start += PAGE_SIZE;
 	/* Zero fill it, the less checks in Xen it requires the better */
 	memset((void *) (xen_dummy_user_pgd + KERNBASE), 0, PAGE_SIZE);
 	/* Mark read-only */
 	HYPERVISOR_update_va_mapping(xen_dummy_user_pgd + KERNBASE,
 	    pmap_pa2pte(xen_dummy_user_pgd) | PG_u | PG_V, UVMF_INVLPG);
 	/* Pin as L4 */
 	xpq_queue_pin_l4_table(xpmap_ptom_masked(xen_dummy_user_pgd));
 #endif /* __x86_64__ */
 	idt_vaddr = virtual_avail;                      /* don't need pte */
 	idt_paddr = avail_start;                        /* steal a page */
 	/*
 	 * Xen require one more page as we can't store
 	 * GDT and LDT on the same page
 	 */
 	virtual_avail += 3 * PAGE_SIZE;
 	avail_start += 3 * PAGE_SIZE;
 #else /* XEN */
 	idt_vaddr = virtual_avail;			/* don't need pte */
 	idt_paddr = avail_start;			/* steal a page */
 #if defined(__x86_64__)
 	virtual_avail += 2 * PAGE_SIZE; pte += 2;
 	avail_start += 2 * PAGE_SIZE;
 #else /* defined(__x86_64__) */
 	virtual_avail += PAGE_SIZE; pte++;
 	avail_start += PAGE_SIZE;
 	/* pentium f00f bug stuff */
 	pentium_idt_vaddr = virtual_avail;		/* don't need pte */
 	virtual_avail += PAGE_SIZE; pte++;
 #endif /* defined(__x86_64__) */
 #endif /* XEN */
 #ifdef _LP64
 	/*
 	 * Grab a page below 4G for things that need it (i.e.
 	 * having an initial %cr3 for the MP trampoline).
 	 */
 	lo32_vaddr = virtual_avail;
 	virtual_avail += PAGE_SIZE; pte++;
 	lo32_paddr = avail_start;
 	avail_start += PAGE_SIZE;
 #endif
 	/*
 	 * now we reserve some VM for mapping pages when doing a crash dump
 	 */
 	virtual_avail = reserve_dumppages(virtual_avail);
 	/*
 	 * init the static-global locks and global lists.
+	 *
 	 * => pventry::pvh_lock (initialized elsewhere) must also be
 	 *      a spin lock, again at IPL_VM to prevent deadlock, and
 	 *	again is never taken from interrupt context.
 	 */
 	mutex_init(&pmaps_lock, MUTEX_DEFAULT, IPL_NONE);
 	LIST_INIT(&pmaps);
 	pmap_cpu_init_early(curcpu());
 	/*
 	 * initialize caches.
 	 */
 	pool_cache_bootstrap(&pmap_cache, sizeof(struct pmap), 0, 0, 0,
 	    "pmappl", NULL, IPL_NONE, NULL, NULL, NULL);
 #ifdef PAE
 	pool_cache_bootstrap(&pmap_pdp_cache, PAGE_SIZE * PDP_SIZE, 0, 0, 0,
 	    "pdppl", &pmap_pdp_allocator, IPL_NONE,
 	    pmap_pdp_ctor, pmap_pdp_dtor, NULL);
 #else /* PAE */
 	pool_cache_bootstrap(&pmap_pdp_cache, PAGE_SIZE, 0, 0, 0,
 	    "pdppl", NULL, IPL_NONE, pmap_pdp_ctor, pmap_pdp_dtor, NULL);
 #endif /* PAE */
 	pool_cache_bootstrap(&pmap_pv_cache, sizeof(struct pv_entry), 0, 0,
 	    PR_LARGECACHE, "pvpl", &pool_allocator_meta, IPL_NONE, NULL,
 	    NULL, NULL);
 	/*
 	 * ensure the TLB is sync'd with reality by flushing it...
 	 */
 	tlbflush();
 	/*
 	 * calculate pmap_maxkvaddr from nkptp[].
 	 */
 	kva = VM_MIN_KERNEL_ADDRESS;
 	for (i = PTP_LEVELS - 1; i >= 1; i--) {
 		kva += nkptp[i] * nbpd[i];
+	}
 	pmap_maxkvaddr = kva;
+}
 #if defined(__x86_64__)
 /*
  * Pre-allocate PTPs for low memory, so that 1:1 mappings for various
  * trampoline code can be entered.
  */
 void
 pmap_prealloc_lowmem_ptps(void)
+{
 #ifdef XEN
 	int level;
 	paddr_t newp;
 	paddr_t pdes_pa;
 	pdes_pa = pmap_pdirpa(pmap_kernel(), 0);
 	level = PTP_LEVELS;
 	for (;;) {
 		newp = avail_start;
 		avail_start += PAGE_SIZE;
 		HYPERVISOR_update_va_mapping ((vaddr_t)early_zerop,
 		    xpmap_ptom_masked(newp) | PG_u | PG_V | PG_RW, UVMF_INVLPG);
 		memset((void *)early_zerop, 0, PAGE_SIZE);
 		/* Mark R/O before installing */
 		HYPERVISOR_update_va_mapping ((vaddr_t)early_zerop,
 		    xpmap_ptom_masked(newp) | PG_u | PG_V, UVMF_INVLPG);
 		if (newp < (NKL2_KIMG_ENTRIES * NBPD_L2))
 			HYPERVISOR_update_va_mapping (newp + KERNBASE,
 			    xpmap_ptom_masked(newp) | PG_u | PG_V, UVMF_INVLPG);
 		xpq_queue_pte_update (
 			xpmap_ptom_masked(pdes_pa)
 			+ (pl_i(0, level) * sizeof (pd_entry_t)),
 			xpmap_ptom_masked(newp) | PG_RW | PG_u | PG_V);
 		level--;
 		if (level <= 1)
 			break;
 		pdes_pa = newp;
+	}
 #else /* XEN */
 	pd_entry_t *pdes;
 	int level;
 	paddr_t newp;
 	pdes = pmap_kernel()->pm_pdir;
 	level = PTP_LEVELS;
 	for (;;) {
 		newp = avail_start;
 		avail_start += PAGE_SIZE;
 		*early_zero_pte = (newp & PG_FRAME) | PG_V | PG_RW;
 		pmap_update_pg((vaddr_t)early_zerop);
 		memset(early_zerop, 0, PAGE_SIZE);
 		pdes[pl_i(0, level)] = (newp & PG_FRAME) | PG_V | PG_RW;
 		level--;
 		if (level <= 1)
 			break;
 		pdes = normal_pdes[level - 2];
+	}
 #endif /* XEN */
+}
 #endif /* defined(__x86_64__) */
 /*
  * pmap_init: called from uvm_init, our job is to get the pmap
  * system ready to manage mappings...
  */
 void
 pmap_init(void)
+{
 	int i;
 	for (i = 0; i < PV_HASH_SIZE; i++) {
 		SLIST_INIT(&pv_hash_heads[i].hh_list);
+	}
 	for (i = 0; i < PV_HASH_LOCK_CNT; i++) {
 		mutex_init(&pv_hash_locks[i].lock, MUTEX_NODEBUG, IPL_VM);
+	}
 	/*
 	 * done: pmap module is up (and ready for business)
 	 */
 	pmap_initialized = true;
+}
 /*
  * pmap_cpu_init_early: perform early per-CPU initialization.
  */
 void
 pmap_cpu_init_early(struct cpu_info *ci)
+{
 	struct pmap_cpu *pc;
 	static uint8_t pmap_cpu_alloc;
 	pc = &pmap_cpu[pmap_cpu_alloc++].pc;
 	ci->ci_pmap_cpu = pc;
+}
 /*
  * pmap_cpu_init_late: perform late per-CPU initialization.
  */
 void
 pmap_cpu_init_late(struct cpu_info *ci)
+{
 	if (ci == &cpu_info_primary) {
 		evcnt_attach_dynamic(&pmap_tlb_evcnt, EVCNT_TYPE_INTR,
 		    NULL, "global", "TLB IPI");
 		evcnt_attach_dynamic(&pmap_iobmp_evcnt, EVCNT_TYPE_MISC,
 		    NULL, "x86", "io bitmap copy");
 		evcnt_attach_dynamic(&pmap_ldt_evcnt, EVCNT_TYPE_MISC,
 		    NULL, "x86", "ldt sync");
+	}
 	evcnt_attach_dynamic(&ci->ci_tlb_evcnt, EVCNT_TYPE_MISC,
 	    NULL, device_xname(ci->ci_dev), "TLB IPI");
 #ifdef PAE
 	int ret;
 	struct pglist pg;
 	struct vm_page *vmap;
 	/* The BP has already its own L3 page allocated in locore.S. */
 	if (ci == &cpu_info_primary)
 		return;
 	/*
 	 * Allocate a page for the per-CPU L3 PD. cr3 being 32 bits, PA musts
 	 * resides below the 4GB boundary.
 	 */
 	ret = uvm_pglistalloc(PAGE_SIZE, 0, 0x100000000ULL, 32, 0, &pg, 1, 0);
 	vmap = TAILQ_FIRST(&pg);
 	if (ret != 0 || vmap == NULL)
 		panic("%s: failed to allocate L3 pglist for CPU %d (ret %d)\n",
 			__func__, cpu_index(ci), ret);
 	ci->ci_pae_l3_pdirpa = vmap->phys_addr;
 	ci->ci_pae_l3_pdir = (paddr_t *)uvm_km_alloc(kernel_map, PAGE_SIZE, 0,
 		UVM_KMF_VAONLY | UVM_KMF_NOWAIT);
 	if (ci->ci_pae_l3_pdir == NULL)
 		panic("%s: failed to allocate L3 PD for CPU %d\n",
 			__func__, cpu_index(ci));
 	pmap_kenter_pa((vaddr_t)ci->ci_pae_l3_pdir, ci->ci_pae_l3_pdirpa,
 		VM_PROT_READ | VM_PROT_WRITE, 0);
 	pmap_update(pmap_kernel());
 #endif
+}
 /*
  * p v _ e n t r y   f u n c t i o n s
  */
 /*
  * pmap_free_pvs: free a list of pv_entrys
  */
 static void
 pmap_free_pvs(struct pv_entry *pve)
+{
 	struct pv_entry *next;
 	for ( /* null */ ; pve != NULL ; pve = next) {
 		next = pve->pve_next;
 		pool_cache_put(&pmap_pv_cache, pve);
+	}
+}
 /*
  * main pv_entry manipulation functions:
  *   pmap_enter_pv: enter a mapping onto a pv_head list
  *   pmap_remove_pv: remove a mapping from a pv_head list
+ *
  * NOTE: Both pmap_enter_pv and pmap_remove_pv expect the caller to lock
  *       the pvh before calling
  */
 /*