Memory model concept
The moving memory model uses a single page directory for the whole OS, and provides multiple overlapped process address spaces by moving blocks of memory (changing their virtual address) during a context switch. This is how the memory model derives its name.
Simple arithmetic shows that each page directory entry maps 1 MB of address space. Changing the domain specified in the entry provides easy control of the access policy for this memory range. The memory model can move this address range, whilst simultaneously changing the access permissions by writing a new entry in the page directory and resetting the old entry (two 32-bit writes).
For example, suppose we have a page table that maps a set of pages, each with "user no-access, supervisor read/write" permissions. Now we create a page directory entry in the second position in a page directory, allocate it to domain 0 and set the DACR to ignore-permissions for this domain. We can now access the pages using the address range 0x00100000-0x001fffff with full access from both user and supervisor modes as the permission bits are being ignored. On a context switch we remove this page directory entry and create a new one in the seventh position, this time setting the domain to 1 (with the DACR set to check-permissions for domain 1). After clearing the TLB entry for the old address range we can no longer use address 0x00100000 to access the memory. However, we can now use 0x00600000, but only from supervisor mode as the permission bits are now being checked. Figure 7.11 shows the effect of making these simple changes to the page directory.
This is the essential idea that we use to provide each process with identical virtual address spaces, but distinct and protected memory pages. During a context switch, we first move the old process's memory out of the common execution address, making it inaccessible to user mode at the same time, and then we move the new process's memory to the common execution address and make it accessible.
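The remapping in the example above, modelled as a small C simulation (an added example, not code from the book or from Symbian OS). The structure layout and function names are assumptions made for illustration; the 2-bit DACR field values (client = 01, manager = 11) follow the ARM architecture, and TLB and cache maintenance are not modelled.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model (illustrative names): one page directory, 1 MB per entry. */
enum { DOM_NO_ACCESS = 0, DOM_CLIENT = 1, DOM_MANAGER = 3 }; /* DACR field values */
typedef struct { bool valid; int page_table; unsigned domain; } pde_t;

static pde_t page_dir[4096];  /* 4096 entries x 1 MB = 4 GB */
static uint32_t dacr;         /* 2 bits per domain, 16 domains */

static void set_domain(unsigned d, uint32_t mode) {
    dacr = (dacr & ~(3u << (2 * d))) | (mode << (2 * d));
}

/* Every page in page table 1 is "user no-access, supervisor read/write". */
static bool can_access(uint32_t va, bool user_mode) {
    const pde_t *e = &page_dir[va >> 20];
    if (!e->valid) return false;                 /* translation fault */
    uint32_t mode = (dacr >> (2 * e->domain)) & 3u;
    if (mode == DOM_MANAGER) return true;        /* permission bits ignored */
    if (mode == DOM_CLIENT) return !user_mode;   /* permission bits checked */
    return false;                                /* domain fault */
}

/* Process is running: entry in the second position, domain 0, permissions ignored. */
static void map_running(void) {
    for (unsigned i = 0; i < 4096; i++) page_dir[i] = (pde_t){0};
    page_dir[1] = (pde_t){ true, 1, 0 };
    set_domain(0, DOM_MANAGER);
    set_domain(1, DOM_CLIENT);
}

/* Context switch: write the new entry (seventh position, domain 1), reset the old.
   Real hardware must also clear the TLB entry for the old range; not modelled. */
static void switch_out(void) {
    page_dir[6] = (pde_t){ true, page_dir[1].page_table, 1 };
    page_dir[1] = (pde_t){0};
}

int main(void) {
    map_running();
    printf("running:  user@0x00100000=%d\n", can_access(0x00100000u, true));
    switch_out();
    printf("switched: user@0x00100000=%d user@0x00600000=%d sup@0x00600000=%d\n",
           can_access(0x00100000u, true), can_access(0x00600000u, true),
           can_access(0x00600000u, false));
    return 0;
}
```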
This is also one of the motivations behind the concept and implementation of the chunk, described in Section 7.3.1, which is the unit of "moving memory" within the higher layers of this memory model.
Unfortunately, as with many good ideas, this one is not without its drawbacks. If you remember, I earlier described the problem that can be caused by mapping memory at different virtual memory addresses, even when spread out in time, and that the solution is to flush the cache. This means that all modified data is copied back to main memory and all cached data is discarded and must be reloaded from main memory when required. As a result, a process context switch with this memory model is dominated by the time spent flushing the cache, and is typically 100 times slower than a thread context switch (within the same process). There is little hope that in future cache flushing will be made faster by new processors and memory, as performance gained there is lost flushing ever larger caches.
Figure 7.11 Remapping memory by modifying the page directory (page directory before and after the context switch: page table 1 at 00100000 in domain 0, full access; page table 1 at 00600000 in domain 1, restricted)
The moving memory model employs some of the other ARMv5 features, such as domains and split caches, to reduce the requirement for cache flushing. However, it cannot be entirely removed and still constitutes a measurable proportion of the execution time for Symbian OS.
It is interesting to note that ARMv5 provides an alternative to multiple page directories or moving page tables: the Fast Context Switch Extensions. In this mode, the MMU translates the virtual address before doing regular address translation using the page tables, and can eliminate the expensive cache flush on a context switch. In this mode, the MMU will replace the highest 7 bits of the virtual address with the value in the FCSE PID register, if these bits were all zero. This means that virtual addresses in the range 0x00000000 to 0x02000000 will be mapped to some other 32 MB range before the page tables are walked. On a process context switch all that is needed is to change the FCSE PID. Although popular with other open operating systems using ARMv5, this limits the system to 127 processes (the number of distinct, non-zero FCSE PID values) and each process to a virtual address space of 32 MB including code. The need for the kernel to use some of the memory map for other purposes can reduce these limits significantly. These limitations were not acceptable for Symbian OS.