This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

A question about the access flag fault

Hi, everyone.

The CPU will receive a access flag fault if we set the access flag = 0. My question is if we always set the access flag to be zero in the fault handler, does the CPU get the value in the memory? For example, the instruction "ldr rd, address" loads the value in the address to rd, and we set the access flag of the PTE to be 0. In the software access fault handler, we still set the access flag to be 0. My understanding is that after the fault handler, the PC register will point to the instruction, and the access flag fault will be triggered again, so the CPU won't load the memory in "address" to rd register.

However, I see a answer from the discussion in this community (https://community.arm.com/processors/f/discussions/5413/the-usage-of-access-flag-bit-in-translation-table-descriptor) that "If keeping the AF flag 0, software still can access the data from the corresponding address space ".

And this answer confuse me. Can anybody help to figure out that whether the CPU can access the data in the corresponding address when access flag is set to be 0?

Best Regards,

Shijun

Parents

0 Martin Weidmann over 8 years ago

The writer of the post might have been thinking of the ARMv7/ARMv8 AArch32. When using the short descriptor format, it is possible to turn off AF checking (SCTLR.AFE).

But in AArch64 (or ARMv7/AArch32 with long descriptor format), software would have to set the AF bit in the translation table entry in order to access the address.

Note: In ARMv8.1, there is option of hardware update of the AF bit. If this feature is supported/enabled, you wouldn't see the initial fault.
Cancel
Vote up 0 Vote down

Cancel

Reply

0 Martin Weidmann over 8 years ago

The writer of the post might have been thinking of the ARMv7/ARMv8 AArch32. When using the short descriptor format, it is possible to turn off AF checking (SCTLR.AFE).

But in AArch64 (or ARMv7/AArch32 with long descriptor format), software would have to set the AF bit in the translation table entry in order to access the address.

Note: In ARMv8.1, there is option of hardware update of the AF bit. If this feature is supported/enabled, you wouldn't see the initial fault.
Cancel
Vote up 0 Vote down

Cancel

Children

0 zhaoshijun over 8 years ago in reply to Martin Weidmann

Hi Martin,

Thanks for your reply.

Assume that we are using the short descriptor format, and the hardware doesn't turn off the AF bit . Under this assumption, does the instruction access the memory region of the corresponding PTE? My understanding is the CPU cannot access the memory, only after the handler set the AF bit to be 1, then CPU can access the memory. Is my understanding right?

Best Regards.
Cancel
Vote up 0 Vote down

Cancel
+1 Martin Weidmann over 8 years ago in reply to zhaoshijun

Yes, assuming Access Flag checking is enabled you would have to set the AF bit before you could access the address.

You could access the underlying physical memory by creating an alias for it in the virtual address space. That alias would have to have the AF bit set.
Cancel
Vote up 0 Vote down

Cancel
0 stay foolish over 6 years ago in reply to zhaoshijun

Hi, I have a question. How to disable the feature that hardware updates of the AF bit ?

Thanks
Cancel
Vote up 0 Vote down

Cancel