The MMU (Memory Management Unit) is a key component of the ARM processor architecture that handles virtual-to-physical memory address translations. The MMU allows the processor to implement a virtual memory system, providing features like memory protection, demand paging, and memory isolation between processes.
Overview of the ARM MMU
The ARM MMU is a hardware unit that maps virtual addresses used by the processor to physical addresses in main memory. It performs these main functions:
- Address translation from virtual to physical addresses using page tables.
- Access permissions checking to implement memory protection.
- Instruction and data cache control like cache flushing.
- Address space identifiers tagging for process separation.
The MMU in ARM processors contains a Translation Lookaside Buffer (TLB) that caches recent translations for faster lookup. The TLB is a critical component affecting MMU performance.
The ARM MMU architecture has evolved over time across different ARM processor generations:
- Early MMUs used a simple flat address translation scheme.
- More advanced MMUs added multiple page table formats like short-descriptor formats with smaller footprints.
- Recent MMUs support more complex two-level hierarchical page tables meeting virtualization needs.
But at their core, all ARM MMUs provide the basic functionality of address translation and access control required for memory protection and virtual memory capabilities.
MMU Address Translation
The key purpose of the MMU is to translate virtual addresses into physical addresses. The processor generates virtual addresses based on its view of memory called the virtual address space. The physical address space represents the actual RAM addresses.
The MMU stores page table mappings that contain the virtual-to-physical address translations. On an address translation, the MMU looks up the page table entry corresponding to the virtual address and retrieves its associated physical address. This allows the processor to access physical memory while only dealing with virtual addresses internally.
Page tables are indexed by virtual page numbers. Each entry contains the physical frame number mapped to that virtual page. Page sizes are fixed, usually 4KB on ARM processors. Virtual and physical addresses are split into page and offset components for translation.
The MMU may support different page table formats optimized for size or performance. For example, ARMv6 supports both short-descriptor and long-descriptor formats with different tradeoffs. Short-descriptors pack translations into 32-bit entries, reducing memory overhead of page tables. Long-descriptors use 64-bit entries with extra bits for finer-grained memory control.
Caching MMU Translations
The ARM MMU contains a Translation Lookaside Buffer (TLB) to cache page table translations. The TLB serves as a fast lookup cache to avoid page walks for every memory access. Copying frequently used translations into the TLB speeds up address translations.
The TLB may be split into separate instruction and data TLBs for higher performance. TLB reach directly impacts performance – a larger TLB can cache more translations, reducing misses and page walks. Advanced ARM processors also add prefetch buffers to further reduce translation overheads.
On a TLB miss when a translation is not cached, the MMU must traverse the page tables in memory to lookup the mapping. This page walk penalty can be over 100 cycles, so TLB hit rates are critical for performance. The OS must manage the TLB, flushing entries when page tables change.
Memory Access Permissions
In addition to address translation, the MMU also checks access permissions as part of each memory access. Page tables include permission bits like readable, writable, executable etc. The MMU checks these permissions match the processor’s access type on each memory access.
If permissions do not match, the MMU raises an exception instead of completing the access. This implements memory protection, preventing potentially dangerous accesses like executing data or writing to code segments. The OS defines suitable page permissions to sandbox processes and protect the kernel.
The MMU may support finer-grained control like write-but-no-read and region permissions spanning multiple pages. Permissions are layered on top of address translations to provide protected virtual memory capabilities.
Instruction and Data Caches
The MMU also plays a key role interacting with processor caches like flushing caches when memory mappings change. ARM MMUs usually connect to separate instruction and data caches:
- Instruction caches are flushed whenever code pages mappings change, ensuring outdated instructions are not executed.
- Data caches are flushed when data pages mappings change, preventing incorrect data accesses.
The MMU tracks virtual-to-physical mappings and signals cache flushes when required. Some ARM MMUs can also partition caches on a per-process basis, providing cache isolation for security.
In multi-process operating systems, the MMU provides memory isolation across processes. This prevents processes from accidentally or deliberately interfering with each other’s memory.
The ARM MMU implements process separation using address space identifiers (ASIDs). Each process context is assigned a unique ASID that tags its memory accesses. The MMU stores ASID tags in TLB entries and checks them on each access to ensure the translation belongs to the current process.
If the ASID tags mismatch, it causes a TLB flush to avoid using stale mappings from prior processes. ASID comparisons isolate translations to the current process context, implementing process separation in the MMU hardware.
Modern ARM MMUs also provide virtualization capabilities needed in virtual machine environments. The key requirement is supporting two stages of address translation for the guest OS and the hypervisor.
Hardware extensions like ARM’s Virtualization Extensions add a second stage in the MMU. The guest OS manages the first stage page tables as normal. The hypervisor handles the second stage translations transparently mapping guest physical addresses to true machine addresses.
This provides isolated virtual address spaces for multiple guest VMs running on a hypervisor. The MMU also assigns VM IDs akin to ASIDs to isolate VM contexts. Virtualization massively expanded the scope and complexity of ARM MMUs.
The ARM MMU provides the foundation for memory virtualization, protection and isolation in ARM processors. It handles the critical job of translating between the processor’s virtual view of memory and actual physical memory addresses. Additional logic for access control, caching translations, and process separation enables efficient utilization of ARM’s RISC architecture in modern operating systems and virtualized environments.