RE: How can I jump to non-linux address space?

Richard B. Johnson (root@chaos.analogic.com)
Mon, 8 Oct 2001 08:51:25 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Terry Kendal: "kernel oops"
Previous message: Helge Hafting: "Re: low-latency patches"

On Thu, 4 Oct 2001, Ian Thompson wrote:

> Hey Dick,
>
> Thanks for the help! A couple more questions for you...
>
> > You use ioremap() to create a virtual address from 0x1000. Then
> > you copy the relocated code, currently in some array, to the relocated
> > address (0x1000), using the cookie returned from ioremap().
>
> How does this make the virtual address the same as the physical address? Or
> are addr's in the first page (or 1st MB?) automatically mapped to the same
> address when you call ioremap()? I printed out the __ioremap() addr's for
> 0x1000 and 0x3000, and neither of the virt addr's were equal to the physical
> ones.
>

[Snipped...]
I was refering to Intel, not ARM hardware. You can look at the
setup code in your architecture specific tree and see if you
can figure it out. I have never even seen ARM hardware, much
less used it so I can't help there.

FYI, what you get from ioremap() is not a number that will mean
anything, even when it's mapped to the physical address. Often,
on some kernel versions, just to prevent module writers from
cheating, it is poisoned so it only works with the defined
macros. Therefore, it is a "cookie", not something you can
initialize a pointer with.

However, in Intel, for hacking only, the address that you can
use to initialize a pointer with is the address you re-mapped,
ORed with PAGE_OFFSET. If the address is below 1 megabyte,
there is a 1:1 mapping of virtual to physical addresses in
the Intel Linux kernel. This allows the page table to exist
at an address that can be accessed from 32-bit linear-mode
startup.

This is useful if you want to access something physical. For instance
if you want to find the physical address of bad memory. A user-mode
memory checker can exercise memory until something failed. Then it
can write some magic numbers on both sides of the failing address.

A kernel module could then search for the magic numbers, returning
the 32-bit linear offset of the bad memory. This is quicker than
writing a module to scan all the PTEs, returning the translation
offset.

Cheers,
Dick Johnson

Penguin : Linux version 2.4.1 on an i686 machine (799.53 BogoMips).

I was going to compile a list of innovations that could be
attributed to Microsoft. Once I realized that Ctrl-Alt-Del
was handled in the BIOS, I found that there aren't any.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Terry Kendal: "kernel oops"
Previous message: Helge Hafting: "Re: low-latency patches"