cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

bus-virt-phys-mapping.rst (8232B)

      1==========================================================
      2How to access I/O mapped memory from within device drivers
      3==========================================================
      4
      5:Author: Linus
      6
      7.. warning::
      8
      9	The virt_to_bus() and bus_to_virt() functions have been
     10	superseded by the functionality provided by the PCI DMA interface
     11	(see Documentation/core-api/dma-api-howto.rst).  They continue
     12	to be documented below for historical purposes, but new code
     13	must not use them. --davidm 00/12/12
     14
     15::
     16
     17  [ This is a mail message in response to a query on IO mapping, thus the
     18    strange format for a "document" ]
     19
     20The AHA-1542 is a bus-master device, and your patch makes the driver give the
     21controller the physical address of the buffers, which is correct on x86
     22(because all bus master devices see the physical memory mappings directly). 
     23
     24However, on many setups, there are actually **three** different ways of looking
     25at memory addresses, and in this case we actually want the third, the
     26so-called "bus address". 
     27
     28Essentially, the three ways of addressing memory are (this is "real memory",
     29that is, normal RAM--see later about other details): 
     30
     31 - CPU untranslated.  This is the "physical" address.  Physical address 
     32   0 is what the CPU sees when it drives zeroes on the memory bus.
     33
     34 - CPU translated address. This is the "virtual" address, and is 
     35   completely internal to the CPU itself with the CPU doing the appropriate
     36   translations into "CPU untranslated". 
     37
     38 - bus address. This is the address of memory as seen by OTHER devices, 
     39   not the CPU. Now, in theory there could be many different bus 
     40   addresses, with each device seeing memory in some device-specific way, but
     41   happily most hardware designers aren't actually actively trying to make
     42   things any more complex than necessary, so you can assume that all 
     43   external hardware sees the memory the same way. 
     44
     45Now, on normal PCs the bus address is exactly the same as the physical
     46address, and things are very simple indeed. However, they are that simple
     47because the memory and the devices share the same address space, and that is
     48not generally necessarily true on other PCI/ISA setups. 
     49
     50Now, just as an example, on the PReP (PowerPC Reference Platform), the 
     51CPU sees a memory map something like this (this is from memory)::
     52
     53	0-2 GB		"real memory"
     54	2 GB-3 GB	"system IO" (inb/out and similar accesses on x86)
     55	3 GB-4 GB 	"IO memory" (shared memory over the IO bus)
     56
     57Now, that looks simple enough. However, when you look at the same thing from
     58the viewpoint of the devices, you have the reverse, and the physical memory
     59address 0 actually shows up as address 2 GB for any IO master.
     60
     61So when the CPU wants any bus master to write to physical memory 0, it 
     62has to give the master address 0x80000000 as the memory address.
     63
     64So, for example, depending on how the kernel is actually mapped on the 
     65PPC, you can end up with a setup like this::
     66
     67 physical address:	0
     68 virtual address:	0xC0000000
     69 bus address:		0x80000000
     70
     71where all the addresses actually point to the same thing.  It's just seen 
     72through different translations..
     73
     74Similarly, on the Alpha, the normal translation is::
     75
     76 physical address:	0
     77 virtual address:	0xfffffc0000000000
     78 bus address:		0x40000000
     79
     80(but there are also Alphas where the physical address and the bus address
     81are the same). 
     82
     83Anyway, the way to look up all these translations, you do::
     84
     85	#include <asm/io.h>
     86
     87	phys_addr = virt_to_phys(virt_addr);
     88	virt_addr = phys_to_virt(phys_addr);
     89	 bus_addr = virt_to_bus(virt_addr);
     90	virt_addr = bus_to_virt(bus_addr);
     91
     92Now, when do you need these?
     93
     94You want the **virtual** address when you are actually going to access that
     95pointer from the kernel. So you can have something like this::
     96
     97	/*
     98	 * this is the hardware "mailbox" we use to communicate with
     99	 * the controller. The controller sees this directly.
    100	 */
    101	struct mailbox {
    102		__u32 status;
    103		__u32 bufstart;
    104		__u32 buflen;
    105		..
    106	} mbox;
    107
    108		unsigned char * retbuffer;
    109
    110		/* get the address from the controller */
    111		retbuffer = bus_to_virt(mbox.bufstart);
    112		switch (retbuffer[0]) {
    113			case STATUS_OK:
    114				...
    115
    116on the other hand, you want the bus address when you have a buffer that 
    117you want to give to the controller::
    118
    119	/* ask the controller to read the sense status into "sense_buffer" */
    120	mbox.bufstart = virt_to_bus(&sense_buffer);
    121	mbox.buflen = sizeof(sense_buffer);
    122	mbox.status = 0;
    123	notify_controller(&mbox);
    124
    125And you generally **never** want to use the physical address, because you can't
    126use that from the CPU (the CPU only uses translated virtual addresses), and
    127you can't use it from the bus master. 
    128
    129So why do we care about the physical address at all? We do need the physical
    130address in some cases, it's just not very often in normal code.  The physical
    131address is needed if you use memory mappings, for example, because the
    132"remap_pfn_range()" mm function wants the physical address of the memory to
    133be remapped as measured in units of pages, a.k.a. the pfn (the memory
    134management layer doesn't know about devices outside the CPU, so it
    135shouldn't need to know about "bus addresses" etc).
    136
    137.. note::
    138
    139	The above is only one part of the whole equation. The above
    140	only talks about "real memory", that is, CPU memory (RAM).
    141
    142There is a completely different type of memory too, and that's the "shared
    143memory" on the PCI or ISA bus. That's generally not RAM (although in the case
    144of a video graphics card it can be normal DRAM that is just used for a frame
    145buffer), but can be things like a packet buffer in a network card etc. 
    146
    147This memory is called "PCI memory" or "shared memory" or "IO memory" or
    148whatever, and there is only one way to access it: the readb/writeb and
    149related functions. You should never take the address of such memory, because
    150there is really nothing you can do with such an address: it's not
    151conceptually in the same memory space as "real memory" at all, so you cannot
    152just dereference a pointer. (Sadly, on x86 it **is** in the same memory space,
    153so on x86 it actually works to just deference a pointer, but it's not
    154portable). 
    155
    156For such memory, you can do things like:
    157
    158 - reading::
    159
    160	/*
    161	 * read first 32 bits from ISA memory at 0xC0000, aka
    162	 * C000:0000 in DOS terms
    163	 */
    164	unsigned int signature = isa_readl(0xC0000);
    165
    166 - remapping and writing::
    167
    168	/*
    169	 * remap framebuffer PCI memory area at 0xFC000000,
    170	 * size 1MB, so that we can access it: We can directly
    171	 * access only the 640k-1MB area, so anything else
    172	 * has to be remapped.
    173	 */
    174	void __iomem *baseptr = ioremap(0xFC000000, 1024*1024);
    175
    176	/* write a 'A' to the offset 10 of the area */
    177	writeb('A',baseptr+10);
    178
    179	/* unmap when we unload the driver */
    180	iounmap(baseptr);
    181
    182 - copying and clearing::
    183
    184	/* get the 6-byte Ethernet address at ISA address E000:0040 */
    185	memcpy_fromio(kernel_buffer, 0xE0040, 6);
    186	/* write a packet to the driver */
    187	memcpy_toio(0xE1000, skb->data, skb->len);
    188	/* clear the frame buffer */
    189	memset_io(0xA0000, 0, 0x10000);
    190
    191OK, that just about covers the basics of accessing IO portably.  Questions?
    192Comments? You may think that all the above is overly complex, but one day you
    193might find yourself with a 500 MHz Alpha in front of you, and then you'll be
    194happy that your driver works ;)
    195
    196Note that kernel versions 2.0.x (and earlier) mistakenly called the
    197ioremap() function "vremap()".  ioremap() is the proper name, but I
    198didn't think straight when I wrote it originally.  People who have to
    199support both can do something like::
    200 
    201	/* support old naming silliness */
    202	#if LINUX_VERSION_CODE < 0x020100
    203	#define ioremap vremap
    204	#define iounmap vfree                                                     
    205	#endif
    206 
    207at the top of their source files, and then they can use the right names
    208even on 2.0.x systems. 
    209
    210And the above sounds worse than it really is.  Most real drivers really
    211don't do all that complex things (or rather: the complexity is not so
    212much in the actual IO accesses as in error handling and timeouts etc). 
    213It's generally not hard to fix drivers, and in many cases the code
    214actually looks better afterwards::
    215
    216	unsigned long signature = *(unsigned int *) 0xC0000;
    217		vs
    218	unsigned long signature = readl(0xC0000);
    219
    220I think the second version actually is more readable, no?