On an ARM joke with VMSA at EL2
Posted: Fri Jun 29, 2018 7:49 am
Warning/Achtung: It's about ARM v8.
While continuing to study this architecture, I stumbled across a rather weird thing I want to ask about.
So, I won't detail ARM internals: I cannot do it briefly, and given the warning, readers who have reached here probably don't need that.
So there is EL2, the exception level for the hypervisor. Note, we don't touch on the fact that it manages stage 2 MMU translations for EL1/EL0, thus virtualizing their system spaces - that's its duty, and there everything is clear.
But. It has its own one-stage translation, from system space to its EL2 virtual space. EL2 MMU stage 1 serves it, with the whole set of MMU-related registers, controls, etc.
The funny thing is that ARM has made only one instance of mapping possible. Thus, no ASIDs, no separation for access (kernel - user; in this case it would be the EL2/EL0 pair). Accordingly, the access flags that on the normal EL1 (OS level) would set one part of the space for kernel access and another part for user are here all RES0, reserved. No context switches possible. Because even if you are able to distinguish between "processes" - virtual space owners - without ASIDs, then there is still no isolation: every process could only be at EL2, not EL0, so it could easily f&ck up every mapping, not only its own.
... But the only point of a virtual memory system is the ability to provide multiple isolated virtual spaces. Without it, it turns into just a plain waste of resources. Of course it's pretty in line with the HV itself, which is a plain waste of resources, but still. WHY??? Why did ARM do that? For what sane reasons do you think such a system could exist?
Thinking about the hypervisor's role, it might be stated that for it, it would be enough to have just one space - VS identity-mapped into SS. One process, no need to build maps and use the MMU. It's possible, but as I understand it, for it to be a real identity mapping, one needs to turn off the MMU. ... That switches off the D-cache. Only a "fake" IM could work - you supply a mapping that does everything, but the SA-VA numbers are equal all the time.
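To make the difference the post is complaining about concrete, here is a toy stage-1 translation-table walker that models the two regimes side by side. This is an added example, not code from the thread or from ARM; it assumes a 4 KB granule, a 48-bit VA, a 16-bit ASID taken from TTBR bits [63:48] with TCR.A1 = 0, and the non-VHE EL2 regime, where nothing runs below EL2, so the AP[1] "unprivileged access" bit grants nothing and there is no ASID (whether the architecture calls that bit RES0 or RES1 in the EL2 regime is left to the reference manual; the walker simply ignores it). The toy "physical memory", the table contents and the VAs are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Translation regimes as the post names them: EL1&0 (OS, two privilege levels,
 * ASID-tagged contexts) versus EL2 (hypervisor, non-VHE, one context). */
enum regime { REGIME_EL1_0 = 0, REGIME_EL2 = 1 };

/* Stage-1 long-descriptor bits (VMSAv8-64 layout). */
#define DESC_VALID      (1ull << 0)
#define DESC_TABLE      (1ull << 1)   /* levels 0-2: next-level table; level 3: page */
#define DESC_AP1        (1ull << 6)   /* AP[1]: unprivileged access (EL1&0 regime only) */
#define DESC_AP2        (1ull << 7)   /* AP[2]: 1 = read-only */
#define DESC_ADDR_MASK  0x0000FFFFFFFFF000ull

typedef struct {
    uint64_t pa;
    int priv_write;     /* writable from the privileged level (EL1 or EL2) */
    int unpriv_read;    /* EL0 access; always 0 in the EL2 regime */
    int unpriv_write;
    int has_asid;       /* 1 if the regime tags this context with an ASID */
    unsigned asid;
} walk_result;

/* Constructed toy physical memory: table i lives at PA i * 4096. */
#define NTABLES 4
static uint64_t tables[NTABLES][512];

static uint64_t phys_read64(uint64_t pa)
{
    uint64_t t = pa >> 12;
    if (t >= NTABLES) return 0;          /* anything outside the toy tables reads as invalid */
    return tables[t][(pa & 0xFFF) / 8];
}

/* Returns 1 on success, 0 on translation fault. */
int walk(enum regime r, uint64_t ttbr, uint64_t va, walk_result *out)
{
    uint64_t table_pa = ttbr & DESC_ADDR_MASK;
    memset(out, 0, sizeof *out);
    for (int level = 0; level < 4; level++) {
        unsigned shift = 39 - 9 * level;                 /* 39, 30, 21, 12 */
        unsigned idx = (va >> shift) & 0x1FF;
        uint64_t d = phys_read64(table_pa + idx * 8);
        if (!(d & DESC_VALID)) return 0;
        if (level < 3) {
            if (d & DESC_TABLE) { table_pa = d & DESC_ADDR_MASK; continue; }
            if (level == 0) return 0;    /* no level-0 blocks with a 4 KB granule */
        } else if (!(d & DESC_TABLE)) {
            return 0;                     /* level-3 descriptor with bit 1 clear is invalid */
        }
        /* Block (level 1 or 2) or page (level 3): form the output address. */
        uint64_t off_mask = (1ull << shift) - 1;
        out->pa = (d & DESC_ADDR_MASK & ~off_mask) | (va & off_mask);
        int ro = (d & DESC_AP2) != 0;
        out->priv_write = !ro;
        if (r == REGIME_EL1_0) {
            /* AP[1] decides whether EL0 may touch the page; the ASID comes from
             * the TTBR (assumed 16-bit field, TCR.A1 = 0). */
            out->unpriv_read  = (d & DESC_AP1) != 0;
            out->unpriv_write = out->unpriv_read && !ro;
            out->has_asid = 1;
            out->asid = (unsigned)(ttbr >> 48);
        }
        /* REGIME_EL2: nothing runs below EL2 here, so AP[1] grants nothing and
         * there is no ASID; every EL2 "process" shares the one mapping. */
        return 1;
    }
    return 0;
}

/* Constructed sample tables: VA 0x5000 -> 4 KB page at PA 0x80000 (RW, EL0 ok),
 * VA 0x200000 -> 2 MB block at PA 0x40000000 (read-only). */
void build_sample_tables(void)
{
    memset(tables, 0, sizeof tables);
    tables[0][0] = 0x1000 | DESC_VALID | DESC_TABLE;
    tables[1][0] = 0x2000 | DESC_VALID | DESC_TABLE;
    tables[2][0] = 0x3000 | DESC_VALID | DESC_TABLE;
    tables[3][5] = 0x80000 | DESC_VALID | DESC_TABLE | DESC_AP1;
    tables[2][1] = 0x40000000ull | DESC_VALID | DESC_AP2;   /* block: bit 1 clear */
}

int main(void)
{
    walk_result w;
    uint64_t ttbr_el1 = (0x42ull << 48);   /* ASID 0x42, level-0 table at PA 0 */
    build_sample_tables();
    walk(REGIME_EL1_0, ttbr_el1, 0x5123, &w);
    printf("EL1&0: pa=%#llx asid=%#x el0_write=%d\n", (unsigned long long)w.pa, w.asid, w.unpriv_write);
    walk(REGIME_EL2, 0, 0x5123, &w);
    printf("EL2:   pa=%#llx has_asid=%d el0_write=%d\n", (unsigned long long)w.pa, w.has_asid, w.unpriv_write);
    return 0;
}
```

Running the same descriptors through both regimes shows the point: the EL1&0 walk yields a per-context ASID and a separate unprivileged permission, while the EL2 walk yields the same output address with neither, so any code at EL2 that can write a descriptor rewrites the only mapping there is.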