> > 1. User code executes ioctl
> > 2. interrupt goes to the kernel
> > On the interrupt the PR changes from 0 -> 1

The other way around actually :-)

> > 3. ioctl handler in driver gets invoked
> > The buffer pointer still contains 0x10000.
> >
> > How kernel code running in PR=0 accesses it and does the copy. I am
> > not able to see an address space switch in the asm code of
> > copy_tofrom_user.
>
> There isn't an address space switch. But address spaces exist at the
> same time. The user app is given 0..0xc000_0000 and the kernel uses
> 0xc000_0000..0xffff_ffff.

You may want to add, to make things clearer, that the HW treats PID 0
specially. Translations in the TLB that have PID (we call it TID in the
TLB entry) 0 match any value of the PID register. So kernel pages all
have TID = 0, which means they are visible to all processes, but have
permissions set such that only the supervisor (i.e. PR = 0) can actually
access them.

MSR:PR is automatically switched to 0 by the processor when taking an
interrupt, allowing the kernel thus to access both its own pages and the
pages of the current process.

Cheers,
Ben.

_______________________________________________
Linuxppc-dev mailing list
Linuxppc-dev@lists.ozlabs.org
https://lists.ozlabs.org/listinfo/linuxppc-dev
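The following is an added example, not code from the thread or from the Linux powerpc tree: a small C model of the TLB matching and permission rule Ben describes. Entries with TID 0 match any value of the PID register, supervisor-only pages are reachable only while MSR:PR is 0, and an interrupt clears PR without touching PID, so the kernel sees both its own pages and the current process's pages. The page size, the TLB contents, the real page numbers and the `struct cpu`/`translate()`/`take_interrupt()` names are constructed for this example; only the 0x10000 buffer address and the 0xc000_0000 kernel split come from the thread.

```c
/*
 * Added example (not from the mailing-list thread or the Linux kernel):
 * a simplified model of TID-0 matching and the MSR:PR permission check.
 * Page size, TLB contents and real page numbers below are constructed.
 */
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define PAGE_SHIFT  12
#define PAGE_SIZE   (1u << PAGE_SHIFT)
#define KERNEL_BASE 0xc0000000u   /* from the thread: kernel uses 0xc000_0000.. */

struct tlb_entry {
    uint32_t vpn;           /* virtual page number (vaddr >> PAGE_SHIFT)  */
    uint32_t rpn;           /* real (physical) page number, constructed   */
    uint32_t tid;           /* 0 = matches every value of the PID register */
    bool     supervisor_only; /* accessible only when MSR:PR == 0          */
};

struct cpu {
    uint32_t pid;   /* PID register: identifies the current process          */
    bool     pr;    /* MSR:PR, true = user (problem) state, false = supervisor */
};

enum access_result { ACCESS_OK, ACCESS_NO_TRANSLATION, ACCESS_PROTECTION };

/* Constructed TLB: the ioctl buffer page at 0x10000 for process 1, the same
 * virtual page for process 2 (different physical page), and one kernel page
 * at KERNEL_BASE carrying TID 0 with supervisor-only permissions. */
static const struct tlb_entry tlb[] = {
    { 0x10000u    >> PAGE_SHIFT, 0x100u, 1, false },
    { 0x10000u    >> PAGE_SHIFT, 0x200u, 2, false },
    { KERNEL_BASE >> PAGE_SHIFT, 0x300u, 0, true  },
};

/* Translate vaddr under the given CPU state; on success store the physical
 * address in *paddr. A TID-0 entry matches regardless of the PID register,
 * any other entry must carry exactly the current PID. */
enum access_result translate(const struct cpu *cpu, uint32_t vaddr, uint32_t *paddr)
{
    uint32_t vpn = vaddr >> PAGE_SHIFT;
    for (size_t i = 0; i < sizeof tlb / sizeof tlb[0]; i++) {
        const struct tlb_entry *e = &tlb[i];
        if (e->vpn != vpn)
            continue;
        if (e->tid != 0 && e->tid != cpu->pid)
            continue;
        /* Translation exists; now the permission check against MSR:PR. */
        if (e->supervisor_only && cpu->pr)
            return ACCESS_PROTECTION;
        *paddr = (e->rpn << PAGE_SHIFT) | (vaddr & (PAGE_SIZE - 1));
        return ACCESS_OK;
    }
    return ACCESS_NO_TRANSLATION;
}

/* Taking an interrupt: the processor clears MSR:PR. PID is left alone, so the
 * interrupted process's mappings stay visible to the kernel. */
void take_interrupt(struct cpu *cpu) { cpu->pr = false; }

/* Returning to the user program sets MSR:PR back to 1. */
void return_to_user(struct cpu *cpu) { cpu->pr = true; }

int main(void)
{
    struct cpu c = { 1, true };   /* process 1 running in user state */
    uint32_t pa;

    printf("user  -> 0x10000:     %d\n", translate(&c, 0x10000u, &pa));      /* ACCESS_OK */
    printf("user  -> kernel page: %d\n", translate(&c, KERNEL_BASE, &pa));   /* ACCESS_PROTECTION */
    take_interrupt(&c);           /* ioctl traps into the kernel, PR = 0 */
    printf("kern  -> 0x10000:     %d\n", translate(&c, 0x10000u, &pa));      /* ACCESS_OK, same page */
    printf("kern  -> kernel page: %d\n", translate(&c, KERNEL_BASE, &pa));   /* ACCESS_OK */
    return_to_user(&c);
    return 0;
}
```

The point the model makes visible is that `copy_tofrom_user` needs no address-space switch: after `take_interrupt()` the PID register still holds the user's value, so the user buffer at 0x10000 translates exactly as it did before the trap, while the kernel page becomes accessible only because PR is now 0.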