From page 1346 of DDI0406C_D_armv7_AR_architecture_reference_manual.pdf
Stage 1 translations
Non-secure PL1&0 stage 1 translation
// host Linux: memory accesses from user mode and kernel mode (not including Hyp mode)
// guest Linux: memory accesses from user mode and kernel mode (not including Hyp mode)
// nested virtualization is not considered here
The stage 1 translation for memory accesses from Non-secure modes other than Hyp
mode. In an implementation that includes the Virtualization Extensions, this translates
a VA to an IPA, otherwise it translates a VA to a PA. For this translation:
• Non-secure TTBR0 or TTBR1 holds the translation table base address.
• Non-secure TTBCR determines which TTBR is used.
• The input address range is up to 32 bits, as determined by either:
— TTBCR.T0SZ or TTBCR.T1SZ, for a PL1&0 stage 1 translation.
— HTCR.T0SZ, for a PL2 stage 1 translation.
• The output address range is 40 bits.
Non-secure PL2 stage 1 translation
// host Linux: memory accesses in Hyp mode
The stage 1 translation for memory accesses from Hyp mode. Supported only if the
implementation includes the Virtualization Extensions, and translates a VA to a PA. For
this translation, HTTBR holds the translation table base address.
• The input address range is up to 32 bits, as determined by either:
— TTBCR.T0SZ or TTBCR.T1SZ, for a PL1&0 stage 1 translation.
— HTCR.T0SZ, for a PL2 stage 1 translation.
• The output address range is 40 bits.
Stage 2 translation
Non-secure PL1&0 stage 2 translation
// guest Linux: memory accesses from user mode and kernel mode
The stage 2 translation for memory accesses from Non-secure modes other than Hyp
mode. Supported only if the implementation includes the Virtualization Extensions, and
translates an IPA to a PA. For this translation:
• The input address range is 40 bits, as determined by VTCR.T0SZ.
• The output address range depends on the implemented memory system, and is up
to 40 bits.
• VTTBR holds the translation table base address.
• VTCR specifies the required input address range, and whether the first lookup is
at the first level or at the second level.
In summary
Memory accesses on the host use two translation table base registers:
TTBR0 or TTBR1 is used for kernel-mode and user-mode accesses; this is the first and only translation step, and the tables hold the HVA -> HPA mapping.
HTTBR is used for accesses made in Hyp mode.
Memory accesses in the guest use two translation table base registers:
TTBR0 or TTBR1 is used for the first of two translation steps for kernel-mode and user-mode accesses; the tables hold the GVA -> GPA mapping.
VTTBR is used for the second of the two translation steps for kernel-mode and user-mode accesses; the tables hold the GPA -> HPA mapping.
---
The host Linux itself has to maintain
TTBR0 or TTBR1, together with the page directory tables (page tables) of the kernel and of every process.
If a virtual machine is added, the following also have to be set up:
1. The host sets up TTBR0 or TTBR1 for the VM process, the page directory base it holds, and the corresponding page tables // corresponds to B
2. The host sets up HTTBR, the page directory base it holds, and the corresponding page tables // corresponds to A
3. The host sets up the VTTBR needed by the VM process, the page directory base it holds, and the corresponding page tables // corresponds to D
4. The guest sets up the TTBR0 or TTBR1 it uses itself, the page directory base it holds, and the corresponding page tables // corresponds to C
Pseudocode of the memory access flow
if (in host hyp mode) {
    look up the table base address in HTTBR & start the MMU memory access process        // A
} else if (in host other mode) {
    look up the table base address in TTBR0/TTBR1 & start the MMU memory access process  // B
} else if (in guest hyp mode) {
    ... // TODO
} else if (in guest other mode) {
    look up the table base address in TTBR0/TTBR1 & start the MMU memory access process  // C
    look up the table base address in VTTBR & start the MMU memory access process        // D
}
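The mode-to-register selection and the two chained lookups of a guest access, as an added toy model in C that is not part of this note or of the ARM ARM: the tables are flat one-level arrays rather than the real descriptor format, the TTBR0/TTBR1 choice made by TTBCR is assumed to have already happened (one `ttbr` field stands for whichever was selected), and all names and page numbers are constructed for the example.

```c
// Toy model of translation paths A-D from the pseudocode above. Not the ARM descriptor
// format: a "translation table" here is a flat array mapping a 4 KB input page number to
// an output page number, with 0 meaning "not mapped" (output page 0 is never used).
#include <stdint.h>

#define PAGE_SHIFT 12
#define NPAGES 16   // constructed: 16-page address spaces keep the tables tiny
enum mode  { HOST_HYP, HOST_OTHER, GUEST_OTHER };
enum fault { OK, STAGE1_FAULT, STAGE2_FAULT };
typedef struct { uint64_t out_page[NPAGES]; } table_t;
typedef struct {
    const table_t *httbr; // Hyp mode stage 1, VA -> PA                          (A)
    const table_t *ttbr;  // PL1&0 stage 1, TTBR0 or TTBR1 as selected by TTBCR  (B, C)
    const table_t *vttbr; // Non-secure PL1&0 stage 2, IPA -> PA                 (D)
} regs_t;

static int walk(const table_t *t, uint64_t in, uint64_t *out) {
    uint64_t page = in >> PAGE_SHIFT;
    if (!t || page >= NPAGES || t->out_page[page] == 0) return 0;
    *out = (t->out_page[page] << PAGE_SHIFT) | (in & ((1u << PAGE_SHIFT) - 1));
    return 1;
}

// One lookup for host accesses, two chained lookups for guest accesses.
enum fault translate(enum mode m, const regs_t *r, uint64_t va, uint64_t *pa) {
    uint64_t ipa;
    switch (m) {
    case HOST_HYP:   return walk(r->httbr, va, pa) ? OK : STAGE1_FAULT;  // A
    case HOST_OTHER: return walk(r->ttbr,  va, pa) ? OK : STAGE1_FAULT;  // B
    case GUEST_OTHER:
        if (!walk(r->ttbr, va, &ipa)) return STAGE1_FAULT;               // C: GVA -> GPA
        return walk(r->vttbr, ipa, pa) ? OK : STAGE2_FAULT;              // D: GPA -> HPA
    }
    return STAGE1_FAULT;
}

// Constructed scenario: the guest's stage 1 table maps GVA page 1 -> GPA page 2 and
// GVA page 3 -> GPA page 9, but the hypervisor's VTTBR table backs only GPA page 2
// (with HPA page 7). The GVA 0x3000 access passes stage 1 and is rejected at stage 2,
// because the guest chose a GPA the hypervisor never mapped; on ARMv7 that fault is
// taken to Hyp mode, so the hypervisor, not the guest, decides what happens next.
enum fault demo(uint64_t *pa_ok, uint64_t *pa_bad) {
    static table_t guest_s1, host_s2;           // zero-initialised: nothing mapped
    guest_s1.out_page[1] = 2; guest_s1.out_page[3] = 9;
    host_s2.out_page[2] = 7;
    regs_t r = { .httbr = 0, .ttbr = &guest_s1, .vttbr = &host_s2 };
    *pa_bad = 0;
    if (translate(GUEST_OTHER, &r, 0x1abc, pa_ok) != OK) return STAGE1_FAULT; // -> 0x7abc
    return translate(GUEST_OTHER, &r, 0x3000, pa_bad);                       // -> STAGE2_FAULT
}
```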