early_fixmap_init打印变量

已于 2023-12-25 22:40:20 修改
阅读量117 收藏
点赞数
文章标签: c语言
于 2023-12-16 23:01:49 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/haotianmai/article/details/135037929
版权

 环境: linux kernel 5.10  arm64

/*
 * The p*d_populate functions call virt_to_phys implicitly so they can't be used
 * directly on kernel symbols (bm_p*d). This function is called too early to use
 * lm_alias so __p*d_populate functions must be used to populate with the
 * physical address from __pa_symbol.
 */
void __init early_fixmap_init(void)
{
	pgd_t *pgdp;
	p4d_t *p4dp, p4d;
	pud_t *pudp;
	pmd_t *pmdp;
	unsigned long addr = FIXADDR_START;  

    //add by xiawei
	unsigned long vmemmap_size = VMEMMAP_SIZE;
	unsigned long page_offset = PAGE_OFFSET;
	unsigned long modules_end = MODULES_END;
	unsigned long bpf_jit_region_start = BPF_JIT_REGION_START;
	unsigned long bpf_jit_region_end = BPF_JIT_REGION_END;
	unsigned long modules_vaddr = MODULES_VADDR;
	unsigned long vmemmap_start = VMEMMAP_START;
	unsigned long vmemmap_end = VMEMMAP_END;
	unsigned long pci_io_end = PCI_IO_END;
	unsigned long pci_io_start = PCI_IO_START;
	unsigned long fixaddr_top = FIXADDR_TOP;
	unsigned long fixaddr_start = FIXADDR_START;
	unsigned long fixaddr_size = FIXADDR_SIZE;

	//add by xiawei print the result
	int pgdt_index = (addr >> 39) & 511;
	int pudt_index = (addr >> 30) & 511;
	int pmdt_index = (addr >> 21) & 511;
	int ptet_index = (addr >> 12) & 511;
	unsigned long pgd_p, vpgd_p;
	unsigned long pud_p, vpud_p;
	unsigned long pmd_p, vpmd_p;
	unsigned long pte_p;
	
	pr_notice("addr is 0x%lx\n", addr);  //add by xiawei addr is 0xfffffdfffe5f9000
	pr_notice("VMEMMAP_SIZE :0x%lx, PAGE_OFFSET :0x%lx, KIMAGE_VADDR(MODULES_END):0x%lx, BPF_JIT_REGION_START:0x%lx,"
	    "BPF_JIT_REGION_END:0x%lx, MODULES_VADDR:0x%lx, VMEMMAP_START:0x%lx, VMEMMAP_END:0x%lx,"
	    "PCI_IO_END:0x%lx, PCI_IO_START:0x%lx, FIXADDR_TOP:0x%lx, FIXADDR_START:0x%lx, fixaddr_size:0x%lx\n", vmemmap_size, page_offset, modules_end,
	    bpf_jit_region_start, bpf_jit_region_end, modules_vaddr, vmemmap_start, vmemmap_end, pci_io_end, 
	    pci_io_start, fixaddr_top, fixaddr_start, fixaddr_size);

	pgdp = pgd_offset_k(addr);	
	p4dp = p4d_offset(pgdp, addr);
	p4d = READ_ONCE(*p4dp);
	pr_notice("swapper_pg_dir is %llx, init_mm.pgd :%llx, pgdp:%llx, p4dp:%llx, p4d:%llx\n", (u64)swapper_pg_dir, (u64)init_mm.pgd, (u64)pgdp, (u64)p4dp, (u64)p4d.pgd.pgd); //add by xiawei
	if (CONFIG_PGTABLE_LEVELS > 3 &&
	    !(p4d_none(p4d) || p4d_page_paddr(p4d) == __pa_symbol(bm_pud))) {
		/*
		 * We only end up here if the kernel mapping and the fixmap
		 * share the top level pgd entry, which should only happen on
		 * 16k/4 levels configurations.
		 */
		BUG_ON(!IS_ENABLED(CONFIG_ARM64_16K_PAGES));
		pudp = pud_offset_kimg(p4dp, addr);
	} else {
		if (p4d_none(p4d)) {	    
		    pr_notice("p4d_none(p4d)\n");//add by xiawei
			__p4d_populate(p4dp, __pa_symbol(bm_pud), PUD_TYPE_TABLE);
		}
		pudp = fixmap_pud(addr);
		pr_notice("pudp:%llx, __pa_symbol(bm_pud):%llx, bm_pud:%llx, PAGE_END:%llx, kimage_voffset:%llx, &kimage_voffset:%llx\n",
		    (u64)pudp, __pa_symbol(bm_pud), (u64)bm_pud, (u64)PAGE_END, kimage_voffset, (u64)&kimage_voffset); //add by xiawei
	    pr_notice("vabits_actual :0x%llx, &vabits_actual :%llx\n", vabits_actual, (u64)&vabits_actual);//add by xiawei

	}
	if (pud_none(READ_ONCE(*pudp))) {
	    pr_notice("pud_none(READ_ONCE(*pudp))\n");//add by xiawei
		__pud_populate(pudp, __pa_symbol(bm_pmd), PMD_TYPE_TABLE);
    }
	pmdp = fixmap_pmd(addr);
	__pmd_populate(pmdp, __pa_symbol(bm_pte), PMD_TYPE_TABLE);

	//add by xiawei
	pgd_p = (unsigned long)(*((unsigned long*)init_pg_dir + pgdt_index)); //物理地址
	pr_notice("addr is :%lx, pgdt_index(0x%x):%lx, __pa_symbol(bm_pud):%llx\n", addr, pgdt_index, pgd_p, __pa_symbol(bm_pud));
	pgd_p = (pgd_p>>12) << 12;
    vpgd_p = __phys_to_kimg(pgd_p);
    pr_notice("vpgd_p is :%lx, bm_pud:%llx\n", vpgd_p, (u64)bm_pud);
	
	pud_p = (unsigned long)(*((unsigned long*)vpgd_p + pudt_index));
	pr_notice("addr is :%lx, pudt_index(0x%x):%lx, __pa_symbol(bm_pmd):%llx\n", addr, pudt_index, pud_p, __pa_symbol(bm_pmd));
	pud_p = (pud_p>>12) << 12;
	vpud_p =  __phys_to_kimg(pud_p);
	pr_notice("vpud_p is :%lx, bm_pmd:%llx\n", vpud_p, (u64)bm_pmd);
	
	pmd_p = (unsigned long)(*((unsigned long*)vpud_p + pmdt_index));
	pr_notice("addr is :%lx, pmdt_index(0x%x):%lx, __pa_symbol(bm_pte):%llx\n", addr, pmdt_index, pmd_p, __pa_symbol(bm_pte));
    pmd_p = (pmd_p>>12) << 12;
    vpmd_p = __phys_to_kimg(pmd_p);
    pr_notice("vpmd_p is :%lx, bm_pte:%llx\n", vpmd_p, (u64)bm_pte);
	
	pte_p = (unsigned long)(*((unsigned long*)vpmd_p + ptet_index));  //phy addr is 0, because is not malloced page
	pr_notice("addr is :%lx, ptet_index(0x%x):%lx\n", addr, ptet_index, pte_p);

	print_kimage_start();

	/*
	 * The boot-ioremap range spans multiple pmds, for which
	 * we are not prepared:
	 */
	BUILD_BUG_ON((__fix_to_virt(FIX_BTMAP_BEGIN) >> PMD_SHIFT)
		     != (__fix_to_virt(FIX_BTMAP_END) >> PMD_SHIFT));

	if ((pmdp != fixmap_pmd(fix_to_virt(FIX_BTMAP_BEGIN)))
	     || pmdp != fixmap_pmd(fix_to_virt(FIX_BTMAP_END))) {
		WARN_ON(1);
		pr_warn("pmdp %p != %p, %p\n",
			pmdp, fixmap_pmd(fix_to_virt(FIX_BTMAP_BEGIN)),
			fixmap_pmd(fix_to_virt(FIX_BTMAP_END)));
		pr_warn("fix_to_virt(FIX_BTMAP_BEGIN): %08lx\n",
			fix_to_virt(FIX_BTMAP_BEGIN));
		pr_warn("fix_to_virt(FIX_BTMAP_END):   %08lx\n",
			fix_to_virt(FIX_BTMAP_END));

		pr_warn("FIX_BTMAP_END:       %d\n", FIX_BTMAP_END);
		pr_warn("FIX_BTMAP_BEGIN:     %d\n", FIX_BTMAP_BEGIN);
	}
}

//test by xiawei
void print_kimage_start(void)
{
	unsigned long addr = (unsigned long)_text; 
	int pgdt_index = (addr >> 39) & 511;
	int pudt_index = (addr >> 30) & 511;
	int pmdt_index = (addr >> 21) & 511;
	unsigned long pgd_p, vpgd_p;
	unsigned long pud_p, vpud_p;
	unsigned long pmd_p, vpmd_p;
	unsigned long page_offset;
	unsigned long vir_text;
	//int i;
	//unsigned char *p;

    pr_notice("_text result:\n");
	pgd_p = (unsigned long)(*((unsigned long*)init_pg_dir + pgdt_index)); //物理地址
	pr_notice("addr is :%lx, pgdt_index(0x%x):%lx\n", addr, pgdt_index, pgd_p);
	pgd_p = (pgd_p>>12) << 12;
	vpgd_p = __phys_to_kimg(pgd_p);
	pr_notice("vpgd_p is :%lx\n", vpgd_p);
	
	pud_p = (unsigned long)(*((unsigned long*)vpgd_p + pudt_index));
	pr_notice("addr is :%lx, pudt_index(0x%x):%lx\n", addr, pudt_index, pud_p);
	pud_p = (pud_p>>12) << 12;
	vpud_p =  __phys_to_kimg(pud_p);
	pr_notice("vpud_p is :%lx\n", vpud_p);

	//2M大小
	pmd_p = (unsigned long)(*((unsigned long*)vpud_p + pmdt_index));
	pr_notice("addr is :%lx, pmdt_index(0x%x):%lx\n", addr, pmdt_index, pmd_p);
	pmd_p = (pmd_p>>12) << 12;
	vpmd_p = __phys_to_kimg(pmd_p);
	pr_notice("vpmd_p is :%lx\n", vpmd_p);
	
	page_offset = addr & ((1<<21)-1);
	
    vir_text = vpmd_p | page_offset;
    pr_notice("virt _text is :%lx\n", vir_text);

    pr_notice("_end result:\n");
    addr = (unsigned long)_end;
    pgdt_index = (addr >> 39) & 511;
	pudt_index = (addr >> 30) & 511;
	pmdt_index = (addr >> 21) & 511;
	pgd_p = (unsigned long)(*((unsigned long*)init_pg_dir + pgdt_index)); //物理地址
	pr_notice("addr is :%lx, pgdt_index(0x%x):%lx\n", addr, pgdt_index, pgd_p);
	pgd_p = (pgd_p>>12) << 12;
	vpgd_p = __phys_to_kimg(pgd_p);
	pr_notice("vpgd_p is :%lx\n", vpgd_p);
	
	pud_p = (unsigned long)(*((unsigned long*)vpgd_p + pudt_index));
	pr_notice("addr is :%lx, pudt_index(0x%x):%lx\n", addr, pudt_index, pud_p);
	pud_p = (pud_p>>12) << 12;
	vpud_p =  __phys_to_kimg(pud_p);
	pr_notice("vpud_p is :%lx\n", vpud_p);

	//2M大小
	pmd_p = (unsigned long)(*((unsigned long*)vpud_p + pmdt_index));
	pr_notice("addr is :%lx, pmdt_index(0x%x):%lx\n", addr, pmdt_index, pmd_p);
	pmd_p = (pmd_p>>12) << 12;
	vpmd_p = __phys_to_kimg(pmd_p);
	pr_notice("vpmd_p is :%lx\n", vpmd_p);
	
	page_offset = addr & ((1<<21)-1);
	
    vir_text = vpmd_p | page_offset;
    pr_notice("virt _end is :%lx\n", vir_text);
//    p = (unsigned char *)vir_text;
//    //print the content
//    pr_notice("the _text 100 content is :\n");
//    for (i=0; i<100; i++) {
//        if (!(i%16) && !i) {
//            pr_notice("\n");
//        }
//        pr_notice("%02x ", p[i]);
//    }
//    pr_notice("\n");

    return;
}

打印结果

[    0.692482] addr is 0xfffffdfffe5f9000
[    0.692497] VMEMMAP_SIZE :0x20000000000, PAGE_OFFSET :0xffff000000000000, KIMAGE_VADDR(MODULES_END):0xffff800010000000, BPF_JIT_REGION_START:0xffff800000000000,BPF_JIT_REGION_END:0xffff800008000000, MODULES_VADDR:0xffff800008000000, VMEMMAP_START:0xfffffdffffe00000, VMEMMAP_END:0xffffffffffe00000,PCI_IO_END:0xfffffdffffc00000, PCI_IO_START:0xfffffdfffec00000, FIXADDR_TOP:0xfffffdfffea00000, FIXADDR_START:0xfffffdfffe5f9000, fixaddr_size:0x407000
[    0.692502] swapper_pg_dir is ffff800011675000, init_mm.pgd :ffff800012129000, pgdp:ffff800012129fd8, p4dp:ffff800012129fd8, p4d:0
[    0.692504] p4d_none(p4d)
[    0.692510] pudp:ffff80001208bff8, __pa_symbol(bm_pud):248b000, bm_pud:ffff80001208b000, PAGE_END:ffff800000000000, kimage_voffset:ffff80000fc00000, &kimage_voffset:ffff8000115dd580
[    0.692513] vabits_actual :0x30, &vabits_actual :ffff800012087810
[    0.692515] pud_none(READ_ONCE(*pudp))
[    0.692519] addr is :fffffdfffe5f9000, pgdt_index(0x1fb):248b003, __pa_symbol(bm_pud):248b000
[    0.692522] vpgd_p is :ffff80001208b000, bm_pud:ffff80001208b000
[    0.692526] addr is :fffffdfffe5f9000, pudt_index(0x1ff):248c003, __pa_symbol(bm_pmd):248c000
[    0.692529] vpud_p is :ffff80001208c000, bm_pmd:ffff80001208c000
[    0.692533] addr is :fffffdfffe5f9000, pmdt_index(0x1f2):248d003, __pa_symbol(bm_pte):248d000
[    0.692536] vpmd_p is :ffff80001208d000, bm_pte:ffff80001208d000
[    0.692539] addr is :fffffdfffe5f9000, ptet_index(0x1f9):0
[    0.692542] _text result:
[    0.692545] addr is :ffff800010000000, pgdt_index(0x100):252a003
[    0.692548] vpgd_p is :ffff80001212a000
[    0.692551] addr is :ffff800010000000, pudt_index(0x0):252b003
[    0.692554] vpud_p is :ffff80001212b000
[    0.692557] addr is :ffff800010000000, pmdt_index(0x80):400701
[    0.692560] vpmd_p is :ffff800010000000
[    0.692562] virt _text is :ffff800010000000
[    0.692564] _end result:
[    0.692567] addr is :ffff800012130000, pgdt_index(0x100):252a003
[    0.692570] vpgd_p is :ffff80001212a000
[    0.692573] addr is :ffff800012130000, pudt_index(0x0):252b003
[    0.692575] vpud_p is :ffff80001212b000
[    0.692578] addr is :ffff800012130000, pmdt_index(0x90):2400701
[    0.692581] vpmd_p is :ffff800012000000
[    0.692583] virt _end is :ffff800012130000

1.

SYM_FUNC_START_LOCAL(__create_page_tables)
    //test by xiawei to print _text phy address
    print_char x0, x1,x2,#0x3a    // ':'
    adr_l x1, _text
    print_reg64 x1,x6 

    print_char x0, x1,x2,#0x3a    // ':'
    adr_l x1, swapper_pg_dir
    print_reg64 x1,x6

说明_text物理地址为0x0000000000400000,  swapper_pg_dir物理地址为0x0000000001A75000

2.

#define CONFIG_ARM64_VA_BITS 48

#define VA_BITS            (CONFIG_ARM64_VA_BITS)
#define _PAGE_OFFSET(va)    (-(UL(1) << (va)))
#define PAGE_OFFSET        (_PAGE_OFFSET(VA_BITS))

因为0 = 0xffffffff ffffffff + 1,

所以PAGE_OFFSET   = -(1ul<<48) = -(1ul<<48) + 0 = -(1ul<<48) + 0xffffffff ffffffff + 1

  = 0xfffeffff ffffffff + 1 = 0xffff0000 00000000

验证代码如下:

#define VA_BITS			(48)
#define _PAGE_OFFSET(va)	(-(1UL << (va)))
#define PAGE_OFFSET		(_PAGE_OFFSET(VA_BITS))

void main()
{
	unsigned long aa = PAGE_OFFSET;
	printf("aa:0x%lx\n", aa);
	
	unsigned long bb = 1UL << 39;
	printf("bb:0x%lx\n", bb);
	
	unsigned long cc = (((((((-(((1UL)) << ((((48))) - 1))))) + (0x08000000))) + (0x08000000)));
	printf("cc:0x%lx\n", cc);

	unsigned int dd  = -(1<<1);
	printf("dd:0x%x\n", dd);
	
}

3.

vmlinux.lds.S中

在vmlinux.lds中KIMAGE_VADDR被扩展为

即KIMAGE_VADDR = (((((((-(((1)) << ((((48))) - 1))))) + (0x08000000))) + (0x08000000)))

 = -(1 << (48 - 1)) + (0x08000000) + (0x08000000)

= -(1<<47) + 0 + 0x10000000

= -(1<<47) + 0xffffffff ffffffff + 1 + 0x10000000

= 0xffff7fff ffffffff + 1 + 0x10000000

= 0xffff8000 00000000 + 0x10000000

= 0xffff8000 10000000

对应System.map中的_text虚拟地址

同时在arch/arm64/include/asm/memory.h中KIMAGE_VADDR定义

#define KIMAGE_VADDR        (MODULES_END)

  #define MODULES_END        (MODULES_VADDR + MODULES_VSIZE)

    #define MODULES_VSIZE        (SZ_128M)  //即2^27 = 1<<27 = 0x8000000

    #define MODULES_VADDR        (BPF_JIT_REGION_END)

      #define BPF_JIT_REGION_END    (BPF_JIT_REGION_START + BPF_JIT_REGION_SIZE)

        #define BPF_JIT_REGION_SIZE    (SZ_128M)  //即0x8000000

       #define BPF_JIT_REGION_START    (KASAN_SHADOW_END)

          #define KASAN_SHADOW_END    (_PAGE_END(VA_BITS_MIN))

分析KASAN_SHADOW_END

#define VA_BITS_MIN        (VA_BITS)  //即48

#define _PAGE_END(va)        (-(UL(1) << ((va) - 1))) 

即_PAGE_END(48) =  (-(UL(1) << ((48) - 1))) = -(1<<47) = -(1<<47) + 0

                                = -(1<<47) + 0xffffffff ffffffff + 1 

                                = 0xffff8000 00000000

所以回溯

#define KASAN_SHADOW_END 0xffff8000 00000000

#define BPF_JIT_REGION_START 0xffff8000 00000000

#define BPF_JIT_REGION_END    (BPF_JIT_REGION_START + BPF_JIT_REGION_SIZE)

                               = 0xffff8000 00000000 + 0x8000000 = 0xffff8000 08000000

 #define MODULES_VADDR        (BPF_JIT_REGION_END)

                                = 0xffff8000 08000000

#define MODULES_END        (MODULES_VADDR + MODULES_VSIZE)

                               = 0xffff8000 08000000 + 0x8000000

                               = 0xffff8000 10000000

#define KIMAGE_VADDR        (MODULES_END)

                              = 0xffff8000 10000000

4.

orangepi@orangepi5plus:~$ dmesg

[    0.693878] addr is 0xfffffdfffe5f9000

[    0.693894] VMEMMAP_SIZE :0x20000000000, PAGE_OFFSET :0xffff000000000000, KIMAGE_VADDR(MODULES_END):0xffff800010000000, BPF_JIT_REGION_START:0xffff800000000000,BPF_JIT_REGION_END:0xffff800008000000, MODULES_VADDR:0xffff800008000000, VMEMMAP_START:0xfffffdffffe00000, VMEMMAP_END:0xffffffffffe00000,PCI_IO_END:0xfffffdffffc00000, PCI_IO_START:0xfffffdfffec00000, FIXADDR_TOP:0xfffffdfffea00000, FIXADDR_START:0xfffffdfffe5f9000, fixaddr_size:0x407000

(注:没有使能CONFIG_KASAN_GENERIC,所以没有kasan shadow region)

bpf jit region         0xffff8000 00000000 -- 0xffff8000 08000000-1

modules               0xffff8000 08000000 --  0xffff8000 10000000-1 

kimage                 0xffff8000 10000000

fixed mappings    0xfffffdfffe5f9000   -- 0xfffffdfffea00000-1

PCI I/O space      0xfffffdfffec00000  -- 0xfffffdffffc00000-1

vmemmap           0xfffffdffffe00000 -- 0xffffffffffe00000-1

5.

参考Documentation\arm64\memory.rst  (注含kasan shadow region)

AArch64 Linux memory layout with 4KB pages + 4 levels (48-bit)::

  Start			End			Size		Use
  -----------------------------------------------------------------------
  0000000000000000	0000ffffffffffff	 256TB		user
  ffff000000000000	ffff7fffffffffff	 128TB		kernel logical memory map
  ffff800000000000	ffff9fffffffffff	  32TB		kasan shadow region
  ffffa00000000000	ffffa00007ffffff	 128MB		bpf jit region
  ffffa00008000000	ffffa0000fffffff	 128MB		modules
  ffffa00010000000	fffffdffbffeffff	 ~93TB		vmalloc
  fffffdffbfff0000	fffffdfffe5f8fff	~998MB		[guard region]
  fffffdfffe5f9000	fffffdfffe9fffff	4124KB		fixed mappings
  fffffdfffea00000	fffffdfffebfffff	   2MB		[guard region]
  fffffdfffec00000	fffffdffffbfffff	  16MB		PCI I/O space
  fffffdffffc00000	fffffdffffdfffff	   2MB		[guard region]
  fffffdffffe00000	ffffffffffdfffff	   2TB		vmemmap
  ffffffffffe00000	ffffffffffffffff	   2MB		[guard region]

6.

early_fixmap_init函数

unsigned long addr = FIXADDR_START;
pgdp = pgd_offset_k(addr);    
p4dp = p4d_offset(pgdp, addr);
p4d = READ_ONCE(*p4dp);
/*
 * a shortcut which implies the use of the kernel's pgd, instead
 * of a process's
 */
#ifndef pgd_offset_k
#define pgd_offset_k(address)		pgd_offset(&init_mm, (address))
#endif

/*
 * a shortcut to get a pgd_t in a given mm
 */
#ifndef pgd_offset
#define pgd_offset(mm, address)		pgd_offset_pgd((mm)->pgd, (address))
#endi

struct mm_struct init_mm = {
	.mm_rb		= RB_ROOT,
#ifdef CONFIG_SPECULATIVE_PAGE_FAULT
	.mm_rb_lock	= __RW_LOCK_UNLOCKED(init_mm.mm_rb_lock),
#endif
	.pgd		= swapper_pg_dir,
	.mm_users	= ATOMIC_INIT(2),
	.mm_count	= ATOMIC_INIT(1),
	.write_protect_seq = SEQCNT_ZERO(init_mm.write_protect_seq),
	MMAP_LOCK_INITIALIZER(init_mm)
	.page_table_lock =  __SPIN_LOCK_UNLOCKED(init_mm.page_table_lock),
	.arg_lock	=  __SPIN_LOCK_UNLOCKED(init_mm.arg_lock),
	.mmlist		= LIST_HEAD_INIT(init_mm.mmlist),
	.user_ns	= &init_user_ns,
	.cpu_bitmap	= CPU_BITS_NONE,
	INIT_MM_CONTEXT(init_mm)
};

#define INIT_MM_CONTEXT(name)	\
	.pgd = init_pg_dir,

所以init_mm.pgd被重载为init_pg_dir, 查看System.map中init_pg_dir地址

init_pg_dir对应的物理内存处存储L0页表,存储kernel image虚拟地址到物理地址的线性映射关系。kernel image 起始地址ffff800010000000,物理地址0x0000000000400000,见代码:

	/*
	 * Map the kernel image (starting with PHYS_OFFSET).
	 */
	adrp	x0, init_pg_dir
	mov_q	x5, KIMAGE_VADDR		// compile time __va(_text)
	add	x5, x5, x23			// add KASLR displacement
	mov	x4, PTRS_PER_PGD
	adrp	x6, _end			// runtime __pa(_end)
	adrp	x3, _text			// runtime __pa(_text)
	sub	x6, x6, x3			// _end - _text
	add	x6, x6, x5			// runtime __va(_end)

	map_memory x0, x1, x5, x6, x7, x3, x4, x10, x11, x12, x13, x14

加打印

pr_notice("swapper_pg_dir is %llx, init_mm.pgd :%llx, pgdp:%llx, p4dp:%llx,
 p4d:%llx\n", (u64)swapper_pg_dir, (u64)init_mm.pgd, (u64)pgdp, (u64)p4dp,
 (u64)p4d.pgd.pgd);

后结果 : addr is 0xfffffdfffe5f9000

swapper_pg_dir is ffff800011675000, init_mm.pgd :ffff800012129000, pgdp:ffff800012129fd8, p4dp:ffff800012129fd8, p4d:248b003

分析:

#define pgd_offset_k(address)        pgd_offset(&init_mm, (address))
#define pgd_offset(mm, address)        pgd_offset_pgd((mm)->pgd, (address))

static inline pgd_t *pgd_offset_pgd(pgd_t *pgd, unsigned long address)
{
    return (pgd + pgd_index(address));  //init_mm.pgd + pgd_index(address)
};

#define pgd_index(a)  (((a) >> PGDIR_SHIFT) & (PTRS_PER_PGD - 1))

#define PGDIR_SHIFT        ARM64_HW_PGTABLE_LEVEL_SHIFT(4 - CONFIG_PGTABLE_LEVELS)
#define CONFIG_PGTABLE_LEVELS 4

#define ARM64_HW_PGTABLE_LEVEL_SHIFT(0)    ((PAGE_SHIFT - 3) * (4 - (0)) + 3)
#define PAGE_SHIFT        CONFIG_ARM64_PAGE_SHIFT //12

ARM64_HW_PGTABLE_LEVEL_SHIFT(0) = ((12 - 3) * (4 - (0)) + 3)
                                =  9*4 +3 = 39
PGDIR_SHIFT = 39                                
                                
#define PTRS_PER_PGD        (1 << (VA_BITS - PGDIR_SHIFT))
                        = (1<<(48-39))    
                        = 1<<9 = 512                        

pgd_index(a) = (((a) >> 39) & (512 - 1))

Translation table lookup with 4KB pages::

  +--------+--------+--------+--------+--------+--------+--------+--------+
  |63    56|55    48|47    40|39    32|31    24|23    16|15     8|7      0|
  +--------+--------+--------+--------+--------+--------+--------+--------+
   |                 |         |         |         |         |
   |                 |         |         |         |         v
   |                 |         |         |         |   [11:0]  in-page offset
   |                 |         |         |         +-> [20:12] L3 index
   |                 |         |         +-----------> [29:21] L2 index
   |                 |         +---------------------> [38:30] L1 index
   |                 +-------------------------------> [47:39] L0 index
   +-------------------------------------------------> [63] TTBR0/1

pgd_offset_k(0xfffffdfffe5f9000) = init_mm.pgd + pgd_index(0xfffffdfffe5f9000) 
                               = (pgd_t *)ffff800012129000 +  (0xfffffdfffe5f9000 >> 39) & (512 - 1)
                               = ffff800012129000 + sizeof((pgd_t *)) * ((0xfffffdfffe5f9000 >> 39) & (512 - 1))
                               = ffff800012129000 + 8*(0x1FFFFFB & (512-1))
                               = ffff800012129000 + 8 * 0x1fb   //L0(pgd)表项索引为0x1fb
                               = ffff800012129000 + 0xfd8
                               = ffff800012129fd8

所以pgdp = pgd_offset_k(addr) = 0xffff800012129fd8

static inline p4d_t *p4d_offset(pgd_t *pgd, unsigned long address)
{
	return (p4d_t *)pgd;
}

所以p4dp = p4d_offset(pgdp, addr) = (p4d_t *)pgdp = 0xffff800012129fd8;  //没有p4d表,将p4d表地址等同于pgd表

p4d = READ_ONCE(*p4dp)=0x248b003  //L0表中index为0x1fb表项的内容,对应L1表的物理地址为0x248b000,(3表示表项的属性),那么对应哪块内存呢?

因为_text物理地址为0x0000000000400000, 虚拟地址为ffff800010000000

那么       物理地址   0x248b000, 对应的虚拟地址是0x248b000 - 0x400000 + ffff800010000000

                                                                                = 0xffff80001208B000

查找System.map

即对应变量bm_pud

else {
		if (p4d_none(p4d))
			__p4d_populate(p4dp, __pa_symbol(bm_pud), PUD_TYPE_TABLE);
		pudp = fixmap_pud(addr);
	}

添加打印

		pr_notice("pudp:%llx, __pa_symbol(bm_pud):%llx, bm_pud:%llx, PAGE_END:%llx, kimage_voffset:%llx\n",
		    (u64)pudp, __pa_symbol(bm_pud), (u64)bm_pud, (u64)PAGE_END, kimage_voffset);

打印结果

[    0.692457] pudp:ffff80001208bff8, __pa_symbol(bm_pud):248b000, bm_pud:ffff80001208b000, PAGE_END:ffff800000000000, kimage_voffset:ffff80000fc00000

可知bm_pud的虚拟地址和物理地址和上面一样。

插入一个遗漏的代码,需要满足

p4d_page_paddr(p4d) == __pa_symbol(bm_pud)
static inline phys_addr_t p4d_page_paddr(p4d_t p4d)
{
	return __p4d_to_phys(p4d);
}

#define __p4d_to_phys(p4d)	__pte_to_phys(p4d_pte(p4d))

分析

#define __pte_to_phys(pte)    (pte_val(pte) & PTE_ADDR_MASK)
#define pte_val(x)    ((x).pte)
#define PTE_ADDR_MASK        PTE_ADDR_LOW
#define PTE_ADDR_LOW        (((_AT(pteval_t, 1) << (48 - PAGE_SHIFT)) - 1) << PAGE_SHIFT)

#define _AT(T,X)    ((T)(X))

PAGE_SHIFT为12

static inline pte_t p4d_pte(p4d_t p4d)
{
	return __pte(p4d_val(p4d));
}

#define __pte(x)	((pte_t) { (x) } )
#define p4d_val(x)				(pgd_val((x).pgd))

p4d_page_paddr(p4d) = __p4d_to_phys(p4d) = __pte_to_phys(p4d_pte(p4d))

           =  (pte_val(p4d_pte(p4d)) & PTE_ADDR_MASK) 

           = p4d_pte(p4d).pte &  ((1 << (48 - 12) - 1) << 12)

           = __pte(p4d_val(p4d)) &  ((1 << (36) - 1) << 12)

           = p4d_val(p4d) & ((1 << (36) - 1) << 12)

          = p4d.pgd & ((1 << (36) - 1) << 12)

          = 0x248b003 & ((1 << 36 - 1) << 12)  

注:((1 << 36 - 1) << 12) 表示bit[48:12]全为1,bit[11:0]为0。0x248b003 相与表示低12位清0,并取bit[48:12]

          = 0x248b000

接着分析

__pa_symbol(bm_pud)   

#define __pa_symbol(x)  __pa(RELOC_HIDE((unsigned long)(x), 0))
#define __pa(x)			__virt_to_phys((unsigned long)(x))
#define __virt_to_phys(x)	__virt_to_phys_nodebug(x)
#define __virt_to_phys_nodebug(x) ({					\
	phys_addr_t __x = (phys_addr_t)(__tag_reset(x));		\
	__is_lm_address(__x) ? __lm_to_phys(__x) : __kimg_to_phys(__x);	\
})

#define __tag_reset(addr)	(addr)

/*
 * Check whether an arbitrary address is within the linear map, which
 * lives in the [PAGE_OFFSET, PAGE_END) interval at the bottom of the
 * kernel's TTBR1 address range.
 */
#define __is_lm_address(addr)	(((u64)(addr) ^ PAGE_OFFSET) < (PAGE_END - PAGE_OFFSET))
#define __lm_to_phys(addr)	(((addr) & ~PAGE_OFFSET) + PHYS_OFFSET)
#define __kimg_to_phys(addr)	((addr) - kimage_voffset)

#define RELOC_HIDE(ptr, off)                        \
({                                    \
    unsigned long __ptr;                        \
    __asm__ ("" : "=r"(__ptr) : "0"(ptr));                \
    (typeof(ptr)) (__ptr + (off));                    \
})

即 (typeof(ptr)) (__ptr + (off));

代入参数

__pa_symbol(bm_pud) = __pa(RELOC_HIDE((unsigned long)(bm_pud), 0))

    = __virt_to_phys((unsigned long)(bm_pud))

   = __virt_to_phys_nodebug((phys_addr_t)(bm_pud))

   

__is_lm_address(bm_pud) = (((u64)(bm_pud) ^ PAGE_OFFSET) < (PAGE_END - PAGE_OFFSET))

= (((u64)(bm_pud) ^ 0xffff000000000000) < (ffff800000000000- 0xffff000000000000))

= (ffff80001208b000 ^ 0xffff000000000000) < 0x0000800000000000

= 0x000080001208b000  < 0x0000800000000000 ?

= 为假 (因为0x000080001208b000比0x0000800000000000大)

(注1: lm_address指 区间:ffff000000000000    ffff7fffffffffff     128TB        kernel logical memory map即[ffff0000 00000000, ffff8000 00000000) 其中ffff0000 00000000表示PAGE_OFFSET,

ffff8000 00000000表示PAGE_END。

注2: kernel image镜像起始地址为ffff8000 10000000,所以整个kernel image中的符号都不是lm_address  参考 arm64架构linux内核地址转换__pa(x)与__va(x)分析 - 温暖的电波 - 博客园 (cnblogs.com)

注3: PAGE_END数值计算过程

extern u64			vabits_actual;
#define PAGE_END		(_PAGE_END(vabits_actual))

#define _PAGE_END(vabits_actual)        (-(UL(1) << ((vabits_actual) - 1)))

      = -(UL(1) << (48- 1))

     = -(1<<47) + 0  

     = 0xffffffff ffffffff + 1 - 1<<47

     = 0xffffffff ffffffff + 1 - 0x00008000 00000000

     = 0xffff7fff ffffffff + 1 

    = 0xffff8000 00000000

) //注结束

因为__is_lm_address(bm_pud)为假,所以执行__kimg_to_phys(bm_pud)

__kimg_to_phys(bm_pud) = ((bm_pud) - kimage_voffset)

注:由打印可知kimage_voffset为ffff80000fc00000   (_text虚拟地址 - _text物理地址)

pr_notice("pudp:%llx, __pa_symbol(bm_pud):%llx, bm_pud:%llx, PAGE_END:%llx, kimage_voffset:%llx, &kimage_voffset:%llx\n",
		    (u64)pudp, __pa_symbol(bm_pud), (u64)bm_pud, (u64)PAGE_END, kimage_voffset, (u64)&kimage_voffset); 
	    pr_notice("vabits_actual :0x%llx, &vabits_actual :%llx\n", vabits_actual, (u64)&vabits_actual);
[    0.690824] pudp:ffff80001208bff8, __pa_symbol(bm_pud):248b000, 
bm_pud:ffff80001208b000, PAGE_END:ffff800000000000, 
kimage_voffset:ffff80000fc00000, &kimage_voffset:ffff8000115dd300
[    0.690827] vabits_actual :0x30, &vabits_actual :ffff800012087810

                = ffff80001208b000   - ffff80000fc00000

                = 248b000

另一个方法计算bm_pud的物理地址

因为_text物理地址为0x0000000000400000, 虚拟地址为ffff800010000000

那么 bm_pud虚拟地址为ffff80001208b000,

则物理地址 = ffff80001208b000 - ffff800010000000 + 0x0000000000400000

                  = 208b000  + 0x0000000000400000

                  = 248b000

注:ffff800010000000 - 0x0000000000400000 即kimage_voffset

haotianmai
关注
Linux内存管理(八):fixmap详解
私房菜
04-12 1221
内核启动首先会进入汇编阶段,mmu已经启动 (也就是说,当前SOC只能使用虚拟地址访问RAM),paging_init还没有完成调用,在内核启动过程需要访问某些特定的内核模块 (例如 dtb)时,就需要将虚拟地址和物理地址进行映射。这就是fixmap 机制产生的原因。fixmap 理解为固定映射,其虚拟地址空间是为了早期 fdt、console、外设动态映射、paging_init()使用。下面会通过代码的方式分别来看下这几个固定映射区域的分配和使用。
Linux内存管理(十二):paging_init 详解
私房菜
07-14 801
从中得知在paging_init调用之前,存放KernelImage和DTB两端物理内存区域可以访问(相应的页表已经建立好)。在memblock初始化之后,物理内存已经添加到系统,但是这部分的物理内存到虚拟内存的映射还没有建立,可以通过memblock_alloc分配一段物理内存,但是无法访问,一切还需要等待paging_init之后,建立最终的页表,从而实现虚拟内存到物理内存的映射。VA_BITS=39,PAGE_SHIFT=12(4K页表).........
内存映射之fixmapearly_fixmap_init
And乔的博客
08-13 2366
内存映射之fixmap基地址 导读 经过汇编阶段后,mmu功能已经enbale完成,也就是说对于我们当前分析的SOC,后续只能使用virt addr来访问dram; 但是此时我们能够访问的地址范围有限,只有idmap和swapper部分可以找到物理地址,其他部分没有翻译文本,还是无法访问的; 本部分则是在完整的paging建立起来之前,添加一种小的机制,在当前的阶段,建立所必须资源的映射; 1. fixmap fixmapfix即固定的意思,map即建立映射,然而这里的理解不是建立固定的映射,而是在一段固
early_fixmap_init
y658t的专栏
06-28 1282
本文来分析early_fixmap_init函数的代码 基于如下的配置,没有pud,因此可以提取到关键的代码如下 CONFIG_ARM64_VA_BITS=39 CONFIG_ARM64_4K_PAGES=y CONFIG_PGTABLE_LEVELS=3 void __init early_fixmap_init(void) { pud_t *pud; pmd_t *pmd; unsign...
linux arm64 early_fixmap_init 分析记录
qq_30025621的博客
05-15 1216
Linux4.0,运行环境qemu,arm64平台 void __init early_fixmap_init(void) // 为FIXADDR_START建立页表映射 { pgd_t *pgd; ...
linux内存管理笔记(九)--- fixmap
奇小葩
03-07 1951
在系统启动的汇编阶段,我们建立了临时页表,开启了MMU,进入了虚拟空间的世界,进入到start_kernel,内核要访问内存,要访问IO地址空间,那么就必须要位物理地址建立页表,以实现物理地址和虚拟地址之间的映射。 在内核初始化前期,内存管理系统还未初始化,现在除了临时页表外,主要的还是kernel image空间,其余的物理内存都没有建立页表,那么对于内存管理相关的API接口都无法使用,内核提出...
(二)Linux物理内存初始化
生活需要深度
04-17 1784
CFS是内核使用的一种调度器或调度类,它主要负责处理三种调度策略:SCHED_NORMAL、SCHED_BATCH和SCHED_IDLE。调度器的核心在挑选下一个运行的进程时有可能会遍历所有的调度类别。实际上系统大多数进程通常都是CFS调度类负责处理的,因此为了优化下一个进程的挑选调度器核心会先判断当前进程是否采用了CFS调度策略,若是,则直接调用CFS代码来挑选下一个进程,若不是或CFS代码未能挑选到一个合适的进程,则会调用各个调度类的挑选函数来寻找一个合适的进程。若CFS代码寻找到了合适的下一个运行的进
Linux内存管理(七):start_kernel 详解
最新发布
私房菜
09-18 645
在bootloader 做好初始化工作后,将 kernel image 加载到内存后,就会跳到kernel 部分继续执行,跑的先是汇编部分的代码,进行各种设置和环境初始化后,就会跳到 kernel 的第一个函数start_kernel() 完成内核系统的所有配置和初始化,其中 setup_arch() 是早期系统的配置和初始化工作。该系列专栏,会通过源码的深入剖析来查看内存管理系统的原理。本文将会是这个系列专栏代码剖析的起点。
Linux内存管理(十三):unflatten_device_tree 详解
私房菜
09-15 385
对于 debug 版本若通过节点查看,会发现很多细小的reserved hole。在之前《reserved-memory 详解》一文中分析了dts 中 reserved-memory 部分的内存 reserved 过程,这些内存都是工程师根据平台需要定义好的。在《paging_init 详解》一文中在进行 map_kernel 和 map_mem 映射时创建了很多的页表,系统将这部分的内存也当成了 reserved memory。本文将继上面分析系统 reserved 的另一块细小的 memory。
Linux内存管理(十):memblock初始化
私房菜
07-05 969
源码基于:Linux5.4 在Linux kernel 初始化完成之后,系统中的内存分配和回收是由 buddy 系统、slab分配器来管理,但是在kernel 初始化阶段时内存的分配和释放是由memblock 分配器管理,记录物理内存的使用情况,本文主要介绍在系统启动阶段memblock 的初始化过程。 early boot memory 即系统上点到内核内存管理模型创建之前这段时间的内存管理,严格来说它是系统启动过程中的一个中间阶段的内存管理,当sparse 内存模型数据初始化完成之后,将会从boot m
Linux内存管理 fixup或parse_tags物理内存解析 - linux内存管理(四)
生活需要深度
04-08 945
在2.4(具体哪个版本记不清了)以后的Linux内核中引入了一种新的向内核传递参数的方法tag标记。内核参数通过一个静态的tag链表在启动的时候传递到内核。每个tag的结构为 +-----------+ tag_header +-----------+ tag_xxx +-----------+ 其中...
[内核内存] [arm64] 内存初始化2---dtb解析
菁的博客
12-02 2899
文章目录1.early_fixmap_init2.early_ioremap_init3.setup_machine_fdtfixmap_remap_fdtearly_init_dt_scanof_scan_flat_dt4.arm64_memblock_init Linux内核执行完stext函数后,内核MMU已经打开,内核进入了c代码运行阶段,进入了虚拟地址空间的世界。但此时内核通过虚拟地址了解的内存世界还太小。那么下一部需要对dtb进行映射,通过设备树文件和membloc模块让内核了解更为广阔的内存世
kernel启动流程-start_kernel的执行_2.setup_arch
HZero
02-04 2842
1.前言 本专题文章承接之前《kernel启动流程_head.S的执行》专题文章,我们知道在head.S执行过程中保存了bootloader传递的启动参数、启动模式以及FDT地址等,创建了内核空间的页表,最后为init进程初始化好了堆栈,并跳转到start_kernel执行。 本文重点介绍start_kernel的setup_arch的主要流程. kernel版本:5.10 平台:arm64 2.setup_arch(&command_line) init_mm init_mm.start_code
linux bootmem (5)
sqlwth的专栏
05-04 248
C代码阶段 在arm64汇编阶段完成了kernel 代码段(应该是含有data和bss部分)的页表映射、内存属性的初始化和mmu的使能,内核栈和其它的cpu功能的初始化。下面正式介绍bootmem内存分配器。 bootmem初始化 start_kernel -->setup_arch --> early_fixmap_init ...
linux内核映射一个页,固定映射地址和 ioremap
weixin_39669638的博客
04-29 476
内核内存管理. 第二部分.固定映射地址和输入输出重映射固定映射地址是一组特殊的编译时确定的地址,它们与物理地址不一定具有减 __START_KERNEL_map 的线性映射关系。每一个固定映射的地址都会映射到一个内存页,内核会像指针一样使用它们,但是绝不会修改它们的地址。这是这种地址的主要特点。就像注释所说的那样,“在编译期就获得一个常量地址,只有在引导阶段才会被设定上物理地址。”你在本书的前面部...
Linux内存初始化(1)——memblock初始化
深海
06-27 2584
Linux内存初始化说明物理内存大小 说明 Kernel版本:4.14.111 ARM处理器,Contex-A7,四核 物理内存大小   一般情况下,内存大小设置有两种方法,通过设备树设置,或者通过bootargs设置。 1)通过dtb设置 ...
linux内核启动分析(三)
jianjian的博客
04-19 2089
如果不属于任何集群的话,就通过mpidr_cpu_id函数从mpidr中提取出该处理器对应的CPU核心ID,然后将该ID和该处理器的pgtable_hash_node结构体通过hash_add函数添加到wait_for_pgtable_refill哈希表中。首先,在for_each_possible_cpu循环中,遍历了所有可能存在的CPU核心,对于每个CPU核心,都使用per_cpu函数获取其cpu_data结构体,然后判断该处理器是否支持ARM64_HAS_CPUID功能。
fixmap_remap_fdt
y658t的专栏
06-28 1176
本文来分析fixmap_remap_fdt函数的代码 输入:dtb的物理地址 输出:dtb映射后的虚拟地址 功能:为dtb所在的物理内存建立映射 void *__init fixmap_remap_fdt(phys_addr_t dt_phys) { void *dt_virt; int size; dt_virt = __fixmap_remap_fdt(dt_phys, &siz...
内存初始化(上)
zdy0_2004的专栏
10-13 2628
http://www.wowotech.net/memory_management/mm-init-1.html 一、前言 一直以来,我都非常着迷于两种电影拍摄手法:一种是慢镜头,将每一个细节全方位的展现给观众。另外一种就是快镜头,多半是反应一个时代的变迁,从非常长的时间段中,截取几个典型的snapshot,合成在十几秒的镜头中,可以让观众很快的了解一个事物的发展脉络。对应到技术层
Linux内核 XXX_fixmap_pgt 形式的 数据 除了level2_fixmap_pgt和level1_fixmap_pgt 还有其他的吗? 如果有请给出 并说明其功能
05-20
除了 `level2_fixmap_pgt` 和 `level1_fixmap_pgt` 之外,Linux内核还有 `level3_fixmap_pgt` 和 `level4_fixmap_pgt`。 这些数据结构都是用于页表映射的,其中 `level2_fixmap_pgt`、`level3_fixmap_pgt` 和 `...
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值