linux5.15
armv8-a arm文档 VMSA章节 D5.2.4 Memory translation granule size
A VMSA provides a Memory Management Unit (MMU) that controls address translation, access permissions, and memory attribute determination and checking, for memory accesses made by the PE. The process of address translation maps the virtual addresses (VAs) used by the PE onto the physical addresses (PAs) of the physical memory system. The mapping of a VA to a PA requires either a single stage of translation, or two sequential stages of translation.
以aarch64 state non-secure el0&el1的环境,即最常见的arm64 linux最常见的场景
地址转换重要寄存器
armv8 system register有 ttbr0_el1 和ttbr1_el1 tcr_el1寄存器设定mmu的转换过程
ttbr0_el1 进程的用户空间页表位置
ttbr1_el1 内核页表位置
tcr_el1 控制转换过程bit位简要如下
其中AS bit 控制asid的位数
T0/1SZ 指定了TTBR0/1转换的地址范围,根据T0/1SZ的大小和转换粒度开始进行stage1(VA–>IPA)的地址转换
对于linux的情况地址空间为两部分如下图,T0SZ为16,va_region1_bits=64-T0SZ,T1SZ为16,va_region2_bits=64-T1SZ
如果为single address va_bits = 64-T0SZ ,并且地址空间取64位lower bits
TG0/1 bit控制着TTBR0_EL0/1 的转换粒度
地址转换过程
address sapce与granule size
首先armv8的最大地址空间为48bit也可扩展至52bit,以48bit为例userspace地址空间为0x0000 0000 0000 0000 –> 0x0000 ffff ffff ffff ,kernel space 地址空间为0xffff 0000 0000 0000 –> 0xffff ffff ffff ffff 。
translation granule(粒度)支持4k,16k,64k。
granule size 决定了page size和单个translation table size
每个translation table descripter 有64bit,所以每个translation table 有pagesize bits – 3个descripter如下图所示,12bit的page size,level 1/2/3 的resolve bits 为9bit
translation table walk
虚拟地址到物理地址的转换过程称为Translation table walks
A translation table walk comprises one or more translation table lookups. The translation table walk is the set of lookups that are required to translate the VA to the PA. For the EL1&0, when EL2 is enabled, translation regime, this set includes lookups for both the stage 1 translation and the stage 2 translation, but translation table walk can also be used to refer to either:
The set of lookups required for the stage 1 translation, that translates the VA to the IPA. This is the stage 1 translation table walk.
The set of lookups required for the stage 2 translation, that translates the IPA to the PA. This is the stage 2 translation table walk
The translation table walk starts with a read of the translation table for the initial lookup. The TTBR_ELx for the stage of translation holds the base address of this table. Each translation table lookup returns a descriptor that indicates one of the following:
The entry is the final entry of the walk. In this case, the entry contains the OA, and the permissions and attributes for the access.
An additional level of lookup is required. In this case, the entry contains the translation table base address for that lookup
The descriptor is invalid. In this case, the memory access generates a Translation fault.
理解initial lookup level
ARM develop上有一段解释如下链接ARMv8 mmu problem – Architectures and Processors forum – Support forums – Arm Community
page与block的区别
看一段来自ARM develop的解释
ARMv8 mmu problem – Architectures and Processors forum – Support forums – Arm Community
block entry直接map了一段物理地址而不是指定了下一level 的lookup table,page table walk的lookup 遇到block_entry也是完成了一次完整的lookup。
以4k granule size为例
Original: https://blog.csdn.net/shenhuxi_yu/article/details/127761592
Author: shenhuxi_yu
Title: arm64 虚拟地址物理地址转换
原创文章受到原创版权保护。转载请注明出处:https://www.johngo689.com/657834/
转载文章受原作者版权保护。转载请注明原作者出处!