/*
   * Build-time sanity checks on the kernel image and module
   * area mappings. (these are purely build-time and produce no code)
   */
  BUILD_BUG_ON(MODULES_VADDR < __START_KERNEL_map);
  BUILD_BUG_ON(MODULES_VADDR - __START_KERNEL_map < KERNEL_IMAGE_SIZE);
  BUILD_BUG_ON(MODULES_LEN + KERNEL_IMAGE_SIZE > 2*PUD_SIZE);
  BUILD_BUG_ON((__START_KERNEL_map & ~PMD_MASK) != 0);
  BUILD_BUG_ON((MODULES_VADDR & ~PMD_MASK) != 0);
  BUILD_BUG_ON(!(MODULES_VADDR > __START_KERNEL));
  BUILD_BUG_ON(!(((MODULES_END - 1) & PGDIR_MASK) ==
        (__START_KERNEL & PGDIR_MASK)));
  BUILD_BUG_ON(__fix_to_virt(__end_of_fixed_addresses) <= MODULES_END);

/* Wipe all early page tables except for the kernel symbol map */
static void __init reset_early_page_tables(void)
{
  unsigned long i;

  for (i = 0; i < PTRS_PER_PGD-1; i++)
    early_level4_pgt[i].pgd = 0;

  next_early_pgt = 0;

  write_cr3(__pa(early_level4_pgt));
}

  /* Kill off the identity-map trampoline */
  reset_early_page_tables();

static inline unsigned long __phys_addr_nodebug(unsigned long x)
{
  unsigned long y = x - __START_KERNEL_map;

  /* use the carry flag to determine if x was < __START_KERNEL_map */
  x = y + ((x > y) ? phys_base : (__START_KERNEL_map - PAGE_OFFSET));

  return x;
}

#define __phys_addr(x)  __phys_addr_nodebug(x)
#define __pa(x)   __phys_addr((unsigned long)(x))

/* Don't add a printk in there. printk relies on the PDA which is not initialized 
   yet. */
static void __init clear_bss(void)
{
  memset(__bss_start, 0,
         (unsigned long) __bss_stop - (unsigned long) __bss_start);
}

  /* clear bss before set_intr_gate with early_idt_handler */
  clear_bss();

static inline void native_load_idt(const struct desc_ptr *dtr)
{
  asm volatile("lidt %0"::"m" (*dtr));
}

#define load_idt(dtr) native_load_idt(dtr)

  for (i = 0; i < NUM_EXCEPTION_VECTORS; i++)
    set_intr_gate(i, early_idt_handlers[i]);
  load_idt((const struct desc_ptr *)&idt_descr);

static void __init copy_bootdata(char *real_mode_data)
{
  char * command_line;
  unsigned long cmd_line_ptr;

  memcpy(&boot_params, real_mode_data, sizeof boot_params);
  sanitize_boot_params(&boot_params);
  cmd_line_ptr = get_cmd_line_ptr();
  if (cmd_line_ptr) {
    command_line = __va(cmd_line_ptr);
    memcpy(boot_command_line, command_line, COMMAND_LINE_SIZE);
  }
}

  copy_bootdata(__va(real_mode_data));

  clear_page(init_level4_pgt);
  /* set init_level4_pgt kernel high mapping*/
  init_level4_pgt[511] = early_level4_pgt[511];

asmlinkage void __init x86_64_start_kernel(char * real_mode_data)
{
  ...

  x86_64_start_reservations(real_mode_data);
}

void __init x86_64_start_reservations(char *real_mode_data)
{
  ...

  start_kernel();
}

asmlinkage void __init start_kernel(void)
{
  ...
  setup_arch(&command_line);
  ...
  setup_per_cpu_areas();
  ...
  build_all_zonelist(NULL, NULL);
  page_alloc_init();
  ...
  mm_init();
  ...
  setup_per_cpu_pageset();
}

void __init setup_arch(char **cmdline_p)
{
  setup_memory_map();
  e820_reserve_setup_data();

  init_mm.start_code = (unsigned long) _text;
  init_mm.end_code = (unsigned long) _etext;
  init_mm.end_data = (unsigned long) _edata;
  init_mm.brk = _brk_end;

  e820_add_kernel_range();
  ...
  cleanup_highmap();
  ...
  init_mem_mapping();
  early_trap_pf_init();
  ...
  x86_init.paging.pagetable_init(); // native_pagetable_init() -> paging_init (arch/x86/mm/init_64.c)
  ...
}

/*
 * The head.S code sets up the kernel high mapping:
 *
 *   from __START_KERNEL_map to __START_KERNEL_map + size (== _end-_text)
 *
 * phys_base holds the negative offset to the kernel, which is added
 * to the compile time generated pmds. This results in invalid pmds up
 * to the point where we hit the physaddr 0 mapping.
 *
 * We limit the mappings to the region from _text to _brk_end.  _brk_end
 * is rounded up to the 2MB boundary. This catches the invalid pmds as
 * well, as they are located before _text:
 */
void __init cleanup_highmap(void)
{
  unsigned long vaddr = __START_KERNEL_map;
  unsigned long vaddr_end = __START_KERNEL_map + KERNEL_IMAGE_SIZE;
  unsigned long end = roundup((unsigned long)_brk_end, PMD_SIZE) - 1;
  pmd_t *pmd = level2_kernel_pgt;

  /*
   * Native path, max_pfn_mapped is not set yet.
   * Xen has valid max_pfn_mapped set in
   *  arch/x86/xen/mmu.c:xen_setup_kernel_pagetable().
   */
  if (max_pfn_mapped)
    vaddr_end = __START_KERNEL_map + (max_pfn_mapped << PAGE_SHIFT);

  for (; vaddr + PMD_SIZE - 1 < vaddr_end; pmd++, vaddr += PMD_SIZE) {
    if (pmd_none(*pmd))
      continue;
    if (vaddr < (unsigned long) _text || vaddr > end)
      set_pmd(pmd, __pmd(0));
  }
}

void __init init_mem_mapping(void)
{
  ...
  end = max_pfn << PAGE_SHIFT;

  /* the ISA range is always mapped regardless of memory holes */
  init_memory_mapping(0, ISA_END_ADDRESS);

  memory_map_top_down(ISA_END_ADDRESS, end);

  if (max_pfn > max_low_pfn) {
    /* can we preseve max_low_pfn ?*/
    max_low_pfn = max_pfn;
  }

  load_cr3(swapper_pg_dir);
  __flush_tlb_all();

  early_memtest(0, max_pfn_mapped << PAGE_SHIFT);
}

/*
 * Setup the direct mapping of the physical memory at PAGE_OFFSET.
 * This runs before bootmem is initialized and gets pages directly from
 * the physical memory. To access them they are temporarily mapped.
 */
unsigned long __init_refok init_memory_mapping(unsigned long start,
                 unsigned long end)
{
  struct map_range mr[NR_RANGE_MR];
  unsigned long ret = 0;
  int nr_range, i;

  pr_info("init_memory_mapping: [mem %#010lx-%#010lx]\n",
         start, end - 1);

  memset(mr, 0, sizeof(mr));
  nr_range = split_mem_range(mr, 0, start, end);

  for (i = 0; i < nr_range; i++)
    ret = kernel_physical_mapping_init(mr[i].start, mr[i].end,
               mr[i].page_size_mask);

  add_pfn_range_mapped(start >> PAGE_SHIFT, ret >> PAGE_SHIFT);

  return ret >> PAGE_SHIFT;
}

static int __meminit split_mem_range(struct map_range *mr, int nr_range,
             unsigned long start,
             unsigned long end)
{
  ...
}

unsigned long __meminit
kernel_physical_mapping_init(unsigned long start,
           unsigned long end,
           unsigned long page_size_mask)
{
  bool pgd_changed = false;
  unsigned long next, last_map_addr = end;
  unsigned long addr;

  start = (unsigned long)__va(start);
  end = (unsigned long)__va(end);
  addr = start;

  for (; start < end; start = next) {
    pgd_t *pgd = pgd_offset_k(start);
    pud_t *pud;

    next = (start & PGDIR_MASK) + PGDIR_SIZE;

    if (pgd_val(*pgd)) {
      pud = (pud_t *)pgd_page_vaddr(*pgd);
      last_map_addr = phys_pud_init(pud, __pa(start),
             __pa(end), page_size_mask);
      continue;
    }

    pud = alloc_low_page();
    last_map_addr = phys_pud_init(pud, __pa(start), __pa(end),
             page_size_mask);

    spin_lock(&init_mm.page_table_lock);
    pgd_populate(&init_mm, pgd, pud);
    spin_unlock(&init_mm.page_table_lock);
    pgd_changed = true;
  }

  if (pgd_changed)
    sync_global_pgds(addr, end - 1);

  __flush_tlb_all();

  return last_map_addr;
}

  start = (unsigned long)__va(start);
  end = (unsigned long)__va(end);

#define swapper_pg_dir init_level4_pgt;

struct mm_struct init_mm = {
  .pgd = swapper_pg_dir,
  ...
}

#define pgd_offset(mm, address) ((mm)->pgd + pgd_index((address)))

#define pgd_offset_k(address) pgd_offset(&init_mm, (address))

pgd_t *pgd = pgd_offset_k(start);

NEXT_PAGE(init_level4_pgt)
  .quad   level3_ident_pgt - __START_KERNEL_map + _KERNPG_TABLE
  .org    init_level4_pgt + L4_PAGE_OFFSET*8, 0
  .quad   level3_ident_pgt - __START_KERNEL_map + _KERNPG_TABLE
  .org    init_level4_pgt + L4_START_KERNEL*8, 0
  /* (2^48-(2*1024*1024*1024))/(2^39) = 511 */
  .quad   level3_kernel_pgt - __START_KERNEL_map + _PAGE_TABLE

NEXT_PAGE(level3_ident_pgt)
  .quad level2_ident_pgt - __START_KERNEL_map + _KERNPG_TABLE
  .fill 511, 8, 0
NEXT_PAGE(level2_ident_pgt)
  /* Since I easily can, map the first 1G.
   * Don't set NX because code runs from these pages.
   */
  PMDS(0, __PAGE_KERNEL_IDENT_LARGE_EXEC, PTRS_PER_PMD)