The QEMU memory API models QEMU's memory, I/O buses, and the corresponding controllers. It mainly covers the following:
• Regular memory
• Memory-mapped I/O (MMIO)
• Memory controllers (which dynamically map physical memory to different virtual address spaces)
The QEMU memory model provides the following functions:
• Tracks memory changes on the target machine
• Coalesced memory
• Creates ioeventfd regions for KVM
QEMU's memory is organized as an acyclic tree of MemoryRegion objects. The root of the tree is the system memory as seen from the CPU; inner nodes represent other buses, memory controllers, and memory areas that have been remapped. Leaf nodes represent real RAM regions and MMIO regions. QEMU has four types of memory region (MR), all expressed by the C data structure struct MemoryRegion:
(1) RAM region: a segment of host (HM) virtual address space that is made available to the target machine (GM).
(2) MMIO region: a range of target machine (GM) address space registered with read and write callback functions; read and write operations on this range call the callback functions on the host.
(3) Container: a collection of multiple memory regions. Each MR sits at its own offset in the container.
(4) Alias: a subsection of an MR. An alias MR instance can point to any other MR instance.
Each memory region's name is assigned by its constructor. For most MRs the name is used only for debugging, but it is sometimes used to locate memory for live migration. Each MR is created by a constructor of the form memory_region_init*() and destroyed by the destructor memory_region_destroy(). It is added to the address space of the target system with memory_region_add_subregion() and removed from it with memory_region_del_subregion(). In addition, the attributes of an MR can be changed at any time. Generally, different MRs do not overlap, but overlapping MRs are sometimes useful. The target system can use memory_region_add_subregion_overlap() to allow the address ranges of two MRs in the same container to overlap; an overlapping MR has a priority attribute that determines which MR is visible.
When the target system accesses an address, the QEMU memory management system selects an MR according to the following rules:
• Starting from the root node, regions are matched in descending order of priority.
• If the current MR is a leaf node, the search ends.
• If the current MR is a container, the same algorithm is applied inside the container.
• If the current MR is an alias, the search continues in the MR that the alias points to.
A simple PC memory mapping serves as an example. The 4 GB RAM address space is mapped into the address space of the target system through two alias MRs: lomem uses a one-to-one mapping for the first 3.5 GB of the 4 GB address space, and himem maps the remaining part of the address space (referred to as PCI-hole). The memory controller remaps the RAM addresses 640k-768k to the PCI address space and names the mapping VGA-window. VGA-window has a higher priority than the original RAM at those addresses, which ensures that an access to this range reaches the PCI address space.
As mentioned above, only the address space managed by system memory is visible to the CPU, and the PCI address space is not a child node of system memory. By creating the VGA-window and PCI-hole aliases for two sub-ranges of the PCI address space, some regions of the PCI address space become visible to the CPU. Memory region attributes include read-only, dirty logging, coalesced MMIO, ioeventfd, and so on. An MMIO-type MR provides two callback functions, read() and write(); in addition, some restrictions can be set to control calls to the two callback functions.
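
The lookup rules and the PC memory map described above can be traced with a small stand-alone model. This is an added example, not QEMU code: the `mr` struct and `resolve()` are hypothetical, and the `vga-area` and `pci-dev-mmio` leaves, the 3.5-4 GiB position of the PCI-hole alias and the placement of himem at 4 GiB are assumptions. It also assumes that an unmapped range inside a container is a hole, so the search falls through to the next overlapping sibling.

```c
#include <stdint.h>
#include <stdio.h>
typedef enum { MR_RAM, MR_MMIO, MR_CONTAINER, MR_ALIAS } mr_type;
typedef struct mr {
    const char *name; mr_type type;
    uint64_t addr, size;                    /* offset in parent container, length */
    int priority;                           /* higher wins where siblings overlap */
    struct mr *target; uint64_t alias_off;  /* alias: target and offset into it */
    struct mr **sub; size_t nsub;           /* container: subregions */
} mr;

/* Hypothetical model, not QEMU code: resolve `off` inside `r` to a leaf; NULL = hole. */
static const mr *resolve(const mr *r, uint64_t off, uint64_t *leaf_off) {
    if (off >= r->size) return NULL;
    if (r->type == MR_ALIAS)                /* alias: continue in the target */
        return resolve(r->target, off + r->alias_off, leaf_off);
    if (r->type != MR_CONTAINER) { *leaf_off = off; return r; }  /* leaf: done */
    const mr *best = NULL; int best_prio = 0;
    for (size_t i = 0; i < r->nsub; i++) {  /* container: same algorithm per child */
        const mr *c = r->sub[i], *hit; uint64_t o = 0;
        if (off < c->addr || (best && c->priority <= best_prio)) continue;
        if ((hit = resolve(c, off - c->addr, &o)) != NULL) {
            best = hit; best_prio = c->priority; *leaf_off = o;
        }
    }
    return best;                            /* highest-priority match that hit a leaf */
}

/* Constructed map, fields in struct order. Assumed: leaf names, pci-hole at 3.5-4 GiB, himem at 4 GiB. */
static mr ram = { "ram", MR_RAM, 0, 0x100000000ULL };
static mr vga = { "vga-area", MR_MMIO, 0xa0000, 0x20000 };
static mr dev = { "pci-dev-mmio", MR_MMIO, 0xe0000000ULL, 0x10000 };
static mr *pci_sub[] = { &vga, &dev };
static mr pci = { "pci", MR_CONTAINER, 0, 0x100000000ULL, 0, NULL, 0, pci_sub, 2 };
static mr lomem = { "lomem", MR_ALIAS, 0, 0xe0000000ULL, 0, &ram, 0 };
static mr himem = { "himem", MR_ALIAS, 0x100000000ULL, 0x20000000, 0, &ram, 0xe0000000ULL };
static mr vgawin = { "vga-window", MR_ALIAS, 0xa0000, 0x20000, 1, &pci, 0xa0000 };
static mr hole = { "pci-hole", MR_ALIAS, 0xe0000000ULL, 0x20000000, 0, &pci, 0xe0000000ULL };
static mr *sys_sub[] = { &lomem, &himem, &vgawin, &hole };
static mr sysmem = { "system", MR_CONTAINER, 0, 0x120000000ULL, 0, NULL, 0, sys_sub, 4 };

int main(void) {
    uint64_t probes[] = { 0x1000, 0xa1234, 0xe0001000ULL, 0xf0000000ULL, 0x100000000ULL }, off;
    for (size_t i = 0; i < sizeof probes / sizeof *probes; i++) {
        const mr *m = resolve(&sysmem, probes[i], &off);
        printf("%#llx -> %s\n", (unsigned long long)probes[i], m ? m->name : "(hole)");
    }
    return 0;
}
```

In this model the access at 0xa1234 lands on the MMIO leaf behind the higher-priority window instead of RAM, which is why overlap priorities decide which device callbacks a guest address can reach.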