Skip to content

Instantly share code, notes, and snippets.

@juniorprincewang

juniorprincewang/gem_ioctl_new.log

Created July 24, 2020 16:31
Show Gist options
  • Save juniorprincewang/98dd26c36bf2ad76d3151bb2ffc07319 to your computer and use it in GitHub Desktop.
Save juniorprincewang/98dd26c36bf2ad76d3151bb2ffc07319 to your computer and use it in GitHub Desktop.
Download ZIP
1. user mmu/mem/vmm are used
Raw
gem_ioctl_new.log
nouveau 0000:01:00.0: DRM: func nouveau_gem_ioctl_new size 0x24
nouveau 0000:01:00.0: DRM: func nouveau_bo_new size 0000000000000024 flags 4
nouveau 0000:01:00.0: DRM: page shift 12, pi 1
nouveau: DRM-master:00000000:00000000: ioctl: size 82
nouveau: DRM-master:00000000:00000000: ioctl: vers 0 type 02 object ffff9eb9ff0800f8 owner ff
nouveau: DRM-master:00000000:80009009: ioctl: new size 58
nouveau: DRM-master:00000000:80009009: ioctl: new vers 0 handle 00000000 class 8000900b route 00 token ffff9eba44a8e090 object ffff9eba44a8e090
nouveau: DRM-master:00000000:80009009: func nvkm_ummu_sclass
nouveau: DRM-master:00000000:80009009: func nvkm_umem_new type 5 page 12 size 0x1000
nouveau 0000:01:00.0: mmu: func nvkm_mem_new_type type NVKM_MEM_VRAM
nouveau 0000:01:00.0: mmu: func gf100_mem_new: type 0x5 page 0xc size 0x1000
nouveau 0000:01:00.0: fb: func nvkm_ram_get: heap 0x1 type 0x1 rpage 0xc size 0x1000 contig 0x0 back 0x0
func nvkm_mm_head, heap 0x1 type 0x1 size_max 0x1 align 0x1
offset 0x5c
nouveau: DRM-master:00000000:80009009: func nvkm_umem_new page 12 addr 0x5c000 size 0x1000
nouveau: DRM-master:00000000:8000900b: init running...
nouveau: DRM-master:00000000:8000900b: init children...
nouveau: DRM-master:00000000:8000900b: init completed in 2us
nouveau: DRM-master:00000000:00000000: ioctl: return 0
nouveau 0000:01:00.0: DRM: func nouveau_bo_new return
nouveau 0000:01:00.0: DRM: func nouveau_vma_new
nouveau 0000:01:00.0: DRM: mem type 2 mem page 12 nvbo page 12
nouveau: DRM-master:00000000:00000000: ioctl: size 56
nouveau: DRM-master:00000000:00000000: ioctl: vers 0 type 04 object ffff9eba4c211548 owner ff
nouveau: user_test[28298]:00000000:8000900d: ioctl: mthd size 32
nouveau: user_test[28298]:00000000:8000900d: ioctl: mthd vers 0 mthd 01
nouveau: user_test[28298]:00000000:8000900d: mthd 1...
nouveau 0000:01:00.0: mmu: user: uvmm mthd get getref 0 mapref 0 sparse 0 page 12 align 0 size 0x1000
nouveau 0000:01:00.0: mmu: user: func nvkm_vmm_get_locked : getref 0 mapref 0 sparse 0 shift: 12 align: 0 size: 0000000000001000
nouveau 0000:01:00.0: mmu: user: align 12
nouveau 0000:01:00.0: mmu: user: this addr 0x534000 size 0xc000
nouveau 0000:01:00.0: mmu: user: size 0x1000 vma->size 0xc000
nouveau 0000:01:00.0: mmu: user: vma->page 1 addr 0x534000
nouveau: DRM-master:00000000:00000000: ioctl: return 0
nouveau: DRM-master:00000000:00000000: ioctl: size 77
nouveau: DRM-master:00000000:00000000: ioctl: vers 0 type 04 object ffff9eba4c211548 owner ff
nouveau: user_test[28298]:00000000:8000900d: ioctl: mthd size 53
nouveau: user_test[28298]:00000000:8000900d: ioctl: mthd vers 0 mthd 03
nouveau: user_test[28298]:00000000:8000900d: mthd 3...
nouveau 0000:01:00.0: mmu: user: uvmm mthd map addr 0000000000534000 size 0x1000 handle memory 0xffff9eba44a8e090 offset 0x0
nouveau 0000:01:00.0: mmu: user: func nvkm_vmm_map_locked addr 0x534000 size 0x1000 page 1 refd 7
nouveau 0000:01:00.0: mmu: user: func gf100_vmm_valid
nouveau 0000:01:00.0: mmu: user: vol 0 ro 0 priv 0 kind 0
nouveau 0000:01:00.0: mmu: user: validation map->type 0x1
nouveau 0000:01:00.0: mmu: user: func nvkm_vmm_iter name ref + map page->shift 12 addr 0x534000 size 0x1000 ref 1
nouveau 0000:01:00.0: mmu: user: 00000:00534: ref + map: 0000000000534000 0000000000001000 shift 12 1 PTEs lvl max 1
nouveau 0000:01:00.0: mmu: user: traversal page tables: lvl 1 type 1 pten 0x8000 ptei 0x534 ptes 0x1 pdei 0x0
nouveau 0000:01:00.0: mmu: user: 00000:00534: func nvkm_vmm_ref_ptes: ptei 0x534 ptes 0x1 type==SPT 0x1
nouveau 0000:01:00.0: mmu: user: 00000:00534: func : nvkm_vmm_ref_sptes ptei 0x534 ptes 0x1 sptb 0x5 sptn 0x20 spti 0x14
nouveau 0000:01:00.0: mmu: user: 00000:00534: pgt->refs[0]
nouveau 0000:01:00.0: mmu: user: MAP_PTES
nouveau 0000:01:00.0: mmu: user: func gf100_vmm_pgt_mem
nouveau 0000:01:00.0: imem: func nv50_instobj_acquire
nouveau 0000:01:00.0: bar: func gf100_bar_bar2_vmm: name bar2 start 0x0
nouveau 0000:01:00.0: imem: func nv50_instobj_acquire: paddr 0x7f9a0000 iobj->map 00000000b40256c7
nouveau 0000:01:00.0: mmu: user: func gf100_vmm_pgt_pte map_ctag 0x0 map->next 0x10
nouveau 0000:01:00.0: mmu: user: pt : ptei 0x534 ptes 0x1 base 0x0 paddr 0x7f9a0000
nouveau 0000:01:00.0: mmu: user: addr 0x5c000 map->type 0x1 base 0x5c1
nouveau 0000:01:00.0: imem: func nv50_instobj_wr32: map 00000000b40256c7 offset 0x29a0 data 0x5c1
nouveau 0000:01:00.0: imem: func nv50_instobj_wr32: map 00000000b40256c7 offset 0x29a4 data 0x0
nouveau 0000:01:00.0: imem: func nv50_instobj_release
nouveau 0000:01:00.0: bar: func g84_bar_flush
nouveau 0000:01:00.0: mmu: user: 00000:00535: flush: 1
nouveau 0000:01:00.0: mmu: user: func gf100_vmm_flush_
nouveau 0000:01:00.0: mmu: user: func gf100_vmm_flush_: pd addr 0x7f9e00
nouveau: DRM-master:00000000:00000000: ioctl: return 0
@juniorprincewang
Copy link
Author

  1. user mmu/mem/vmm are used
  2. first, vram is allocated from head (e.g., offset 0x5c )
  3. second, get virtual memory addr from vmm memory allocator head (e.g., 0x534000)
  4. third, locate pages by page table walking
  5. fourth, update PTEs (e.g., write physical page addr (0x5c000) to last level page table (0x7f9a0000+0x29a0) )
  6. last, flush page directory (e.g., 0x7f9e00)

Note that 0x7f9a0000 is the first element page table entry of PD 0x7f9e00.
However, the index PTE I got is 1 instead of 0. And I have no idea why.

sudo nvadownload 7f9e0000 8 | xxd

00000000: 6196 7f00 019a 7f00

The following page table walking:

sudo nvadownload 7f9a29a0 4 | xxd

00000000: c105 0000

sudo nvadownload 05c000 24 | xxd

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment