1*4882a593Smuzhiyun.. SPDX-License-Identifier: GPL-2.0 2*4882a593Smuzhiyun 3*4882a593Smuzhiyun============== 4*4882a593Smuzhiyun5-level paging 5*4882a593Smuzhiyun============== 6*4882a593Smuzhiyun 7*4882a593SmuzhiyunOverview 8*4882a593Smuzhiyun======== 9*4882a593SmuzhiyunOriginal x86-64 was limited by 4-level paing to 256 TiB of virtual address 10*4882a593Smuzhiyunspace and 64 TiB of physical address space. We are already bumping into 11*4882a593Smuzhiyunthis limit: some vendors offers servers with 64 TiB of memory today. 12*4882a593Smuzhiyun 13*4882a593SmuzhiyunTo overcome the limitation upcoming hardware will introduce support for 14*4882a593Smuzhiyun5-level paging. It is a straight-forward extension of the current page 15*4882a593Smuzhiyuntable structure adding one more layer of translation. 16*4882a593Smuzhiyun 17*4882a593SmuzhiyunIt bumps the limits to 128 PiB of virtual address space and 4 PiB of 18*4882a593Smuzhiyunphysical address space. This "ought to be enough for anybody" ©. 19*4882a593Smuzhiyun 20*4882a593SmuzhiyunQEMU 2.9 and later support 5-level paging. 21*4882a593Smuzhiyun 22*4882a593SmuzhiyunVirtual memory layout for 5-level paging is described in 23*4882a593SmuzhiyunDocumentation/x86/x86_64/mm.rst 24*4882a593Smuzhiyun 25*4882a593Smuzhiyun 26*4882a593SmuzhiyunEnabling 5-level paging 27*4882a593Smuzhiyun======================= 28*4882a593SmuzhiyunCONFIG_X86_5LEVEL=y enables the feature. 29*4882a593Smuzhiyun 30*4882a593SmuzhiyunKernel with CONFIG_X86_5LEVEL=y still able to boot on 4-level hardware. 31*4882a593SmuzhiyunIn this case additional page table level -- p4d -- will be folded at 32*4882a593Smuzhiyunruntime. 33*4882a593Smuzhiyun 34*4882a593SmuzhiyunUser-space and large virtual address space 35*4882a593Smuzhiyun========================================== 36*4882a593SmuzhiyunOn x86, 5-level paging enables 56-bit userspace virtual address space. 37*4882a593SmuzhiyunNot all user space is ready to handle wide addresses. It's known that 38*4882a593Smuzhiyunat least some JIT compilers use higher bits in pointers to encode their 39*4882a593Smuzhiyuninformation. It collides with valid pointers with 5-level paging and 40*4882a593Smuzhiyunleads to crashes. 41*4882a593Smuzhiyun 42*4882a593SmuzhiyunTo mitigate this, we are not going to allocate virtual address space 43*4882a593Smuzhiyunabove 47-bit by default. 44*4882a593Smuzhiyun 45*4882a593SmuzhiyunBut userspace can ask for allocation from full address space by 46*4882a593Smuzhiyunspecifying hint address (with or without MAP_FIXED) above 47-bits. 47*4882a593Smuzhiyun 48*4882a593SmuzhiyunIf hint address set above 47-bit, but MAP_FIXED is not specified, we try 49*4882a593Smuzhiyunto look for unmapped area by specified address. If it's already 50*4882a593Smuzhiyunoccupied, we look for unmapped area in *full* address space, rather than 51*4882a593Smuzhiyunfrom 47-bit window. 52*4882a593Smuzhiyun 53*4882a593SmuzhiyunA high hint address would only affect the allocation in question, but not 54*4882a593Smuzhiyunany future mmap()s. 55*4882a593Smuzhiyun 56*4882a593SmuzhiyunSpecifying high hint address on older kernel or on machine without 5-level 57*4882a593Smuzhiyunpaging support is safe. The hint will be ignored and kernel will fall back 58*4882a593Smuzhiyunto allocation from 47-bit address space. 59*4882a593Smuzhiyun 60*4882a593SmuzhiyunThis approach helps to easily make application's memory allocator aware 61*4882a593Smuzhiyunabout large address space without manually tracking allocated virtual 62*4882a593Smuzhiyunaddress space. 63*4882a593Smuzhiyun 64*4882a593SmuzhiyunOne important case we need to handle here is interaction with MPX. 65*4882a593SmuzhiyunMPX (without MAWA extension) cannot handle addresses above 47-bit, so we 66*4882a593Smuzhiyunneed to make sure that MPX cannot be enabled we already have VMA above 67*4882a593Smuzhiyunthe boundary and forbid creating such VMAs once MPX is enabled. 68