Project for GSoC 2020
Hesham Almatary
hesham.almatary at cl.cam.ac.uk
Sat Mar 14 19:16:42 UTC 2020
On Wed, 11 Mar 2020 at 03:05, Utkarsh Rai <utkarsh.rai60 at gmail.com> wrote:
>
> Before specifying the interface I want to take your kind feedback on what all things would need to be done in the interface.
>
> By looking into the MMU description of ARM and x86, according to me, the implementation would have to be done in two levels-
>
> 1. The architecture-specific part, wherein I will have to initialize the MMU(already implemented for ARM), TLB management and exception handling.
You may want to look at
http://heshamelmatary.blogspot.com/2013/09/inside-low-level-details-of-rtemsmmu.html
> 2. The generalization part, wherein I will need to manage the thread stacks, their access permissions. Each stack should have a data structure associated with it that has the permission flags, starting address and other relevant information. For increased robustness of the thread stacks, every time a context switch takes place we will have to set up the page tables, TLBs to map the address of the executing thread as well as that of the threads it has the permission to access.
You wouldn't need to set up page tables during context switching as
this would be done while 1) creating/attaching an address space to a
thread, or 2) when you do an mmap() call. You'd only need to write the
root page table register and an ASID for architectures that support
that. Two interesting questions here:
1) Are we going to need address translation or just protection and why?
2) If we use the MMU, the page granularity size would affect how many
page table levels will have to be walked (i.e., the more fine-grained
PT size, the more levels). This may affect some real-time aspects of
RTEMS such as determinism and response, especially if you're going to
have multiple scattered memory regions more than the TLB can
accommodate as you'll get more TLB misses. One of the decisions we
made in the early days of the MMU project is to use fixed 1:1 mappings
with coarse-grained page sizes (i.e., 1 or 2 levels of PTs) for that
reason.
>
>
>
>
> On Mon, Mar 9, 2020 at 1:47 AM <dufault at hda.com> wrote:
>>
>>
>>
>> > On Mar 8, 2020, at 15:28 , dufault at hda.com wrote:
>> >
>> > I have not gone through this thread as thoroughly as I should. Yet, I will still jump in.
>> >
>> > The stack protectin mechanism should be done in a POSIX compliant way without defining any extensions.
>> >
>> > When threads have protected stack areas that must be shared those regions should be shared using an "mmap" interface. That is POSIX compliant, and will require extra effort to establish the sharing of stack-based memory regions.
>> >
>> > My two minute analysis of "thread pools" is that protected stacks in RTEMS should be implemented without that. Applications that want protected stacks should have the discipline of explicitly requesting access to regions of memory that are in another threads stack. The value of protected stacks will not be cost free.
>> >
>> > I'd like to see:
>> >
>> > - The ability of each thread to specify a protected stack.
>> > - A protected thread's stack memory region shall be unavailable to other threads unless it is in a shared memory region.
>> > -- I won't define the granularity of what the previous point means. In most implementations, it probably means that if "task2" has access to memory in the "task1" stack via mmap then it can probably stomp all over any part of task1s stack, it probably implies that the task1 stack memory is left accessible when task2 is running instead of being unmapped.
>>
>> In the Olden Days I worked on an architecture (Alliant mini supercomputers) where the stack wasn't in shared memory. It took a little bit of getting used to, but not much. In that architecture you just couldn't share the stack, no hope to "mmap" anything.
>>
>> We should define the goal of protected stacks. My goal is increased robustness at the expense of additional application setup complexity, but the application setup should be 100% POSIX compliant.
>>
>> Peter
>> -----------------
>> Peter Dufault
>> HD Associates, Inc. Software and System Engineering
>>
>> This email is delivered through the public internet using protocols subject to interception and tampering.
>>
> _______________________________________________
> devel mailing list
> devel at rtems.org
> http://lists.rtems.org/mailman/listinfo/devel
More information about the devel
mailing list