[Qemu-devel] How QEMU maintains the translation from guest virtual address to guest physical address?

[Qemu-devel] How QEMU maintains the translation from guest virtual address to guest physical address?

[浩倫 魏]

[-- Attachment #1: Type: text/plain, Size: 899 bytes --]

Hi, all:
I've been trying to understand the process of address translation inside QEMU, but I got stuck in GVA->GPA.I've known that QEMU uses a two level description table 'PhysPageDesc' to maintain the translation between GPA & HVA(host virtual address), but I couldn't find out where QEMU translates GVA to GPA to go to that table to find HVA when a TLB missed occured. I've traced the internal codes and there are something may be able to solve my problems but I can't figure it out, could anyone help me?There is a function get_level1_table_address() called by get_phys_addr() in target-arm/helper.c, and it seems like start translating the GVA to GPA. But I don't understand the env->cp15.c2_base_mask variable which claimed to be the MMU translation table base selection mask means. Where is the description of MMU translation table?
Any suggestions would be helpful to me.Thanks in advance. 

[-- Attachment #2: Type: text/html, Size: 2023 bytes --]

Re: [Qemu-devel] How QEMU maintains the translation from guest virtual address to guest physical address?

[Peter Maydell]

On 6 May 2015 at 15:22, 浩倫 魏 <goberwei@yahoo.com.tw> wrote:
> I've been trying to understand the process of address translation inside
> QEMU, but I got stuck in GVA->GPA.
> I've known that QEMU uses a two level description table 'PhysPageDesc' to
> maintain the translation between GPA & HVA(host virtual address), but I
> couldn't find out where QEMU translates GVA to GPA to go to that table to
> find HVA when a TLB missed occured.
> I've traced the internal codes and there are something may be able to solve
> my problems but I can't figure it out, could anyone help me?
> There is a function get_level1_table_address() called by get_phys_addr() in
> target-arm/helper.c, and it seems like start translating the GVA to GPA. But
> I don't understand the env->cp15.c2_base_mask variable which claimed to be
> the MMU translation table base selection mask means. Where is the
> description of MMU translation table?

To repeat the answer I just posted on stackoverflow:

The code you are looking at (get_phys_addr() and the functions it
calls) is implementing the page table walk algorithm for ARM. This
(and the data structures in guest memory which it reads) is defined
in the architecture reference manual (the "ARM ARM"). To understand
the code you need to read the relevant sections of the architecture
specification so you know what we're trying to emulate.

(For instance, the c2_base_mask is precalculated based on the value
in the 'N' field of the translation table base control register (TTBCR)
and is part of the calculation of the translation table base address.)

-- PMM

Re: [Qemu-devel] How QEMU maintains the translation from guest virtual address to guest physical address?

[浩倫 魏]

[-- Attachment #1: Type: text/plain, Size: 1994 bytes --]

Thanks for the response.
So am I in the right path if I want to know how QEMU translates GVA to GPA?I have question about that if guest OS would take part in the translation between GCA to GPA? Or qemu-softmmu would take control everything?
Respectfully,Gober Wei


     Peter Maydell <peter.maydell@linaro.org> 於 2015/5/7 (週四) 1:26 AM 寫道﹕
   

 On 6 May 2015 at 15:22, 浩倫 魏 <goberwei@yahoo.com.tw> wrote:
> I've been trying to understand the process of address translation inside
> QEMU, but I got stuck in GVA->GPA.
> I've known that QEMU uses a two level description table 'PhysPageDesc' to
> maintain the translation between GPA & HVA(host virtual address), but I
> couldn't find out where QEMU translates GVA to GPA to go to that table to
> find HVA when a TLB missed occured.
> I've traced the internal codes and there are something may be able to solve
> my problems but I can't figure it out, could anyone help me?
> There is a function get_level1_table_address() called by get_phys_addr() in
> target-arm/helper.c, and it seems like start translating the GVA to GPA. But
> I don't understand the env->cp15.c2_base_mask variable which claimed to be
> the MMU translation table base selection mask means. Where is the
> description of MMU translation table?

To repeat the answer I just posted on stackoverflow:

The code you are looking at (get_phys_addr() and the functions it
calls) is implementing the page table walk algorithm for ARM. This
(and the data structures in guest memory which it reads) is defined
in the architecture reference manual (the "ARM ARM"). To understand
the code you need to read the relevant sections of the architecture
specification so you know what we're trying to emulate.

(For instance, the c2_base_mask is precalculated based on the value
in the 'N' field of the translation table base control register (TTBCR)
and is part of the calculation of the translation table base address.)

-- PMM


  

[-- Attachment #2: Type: text/html, Size: 3613 bytes --]

Re: [Qemu-devel] How QEMU maintains the translation from guest virtual address to guest physical address?

[Peter Maydell]

On 6 May 2015 at 19:41, 浩倫 魏 <goberwei@yahoo.com.tw> wrote:
> So am I in the right path if I want to know how QEMU translates GVA to GPA?
> I have question about that if guest OS would take part in the translation
> between GCA to GPA? Or qemu-softmmu would take control everything?

Well, the guest OS is what sets up the page tables in memory
which QEMU (or the real CPU, in hardware) is reading. So it's
the guest OS that controls what the mapping is, in the end.

-- PMM