5.6 Intermediate table walk caches
The Cortex-A72 processor implements dedicated caches that store intermediate levels of translation table entries as part of a table walk.
Cached entries are associated with an ASID and a VMID where applicable for Non-secure EL1
Care is required when using the reserved ASID method for context switch. See the ARM® Architecture Reference Manual ARMv8 for more
The following example shows how to synchronize ASID and TTBR changes using a reserved
Example 5-1 Using a reserved ASID to synchronize ASID and TTBR changes
example, the operating system uses a particular reserved ASID value for the synchronization
of the ASID and the Translation Table Base Register. You can use this approach only when the
size of the mapping for any given Virtual Address is the same in the old and new translation
tables. The example uses the value of 0.
The software uses the following sequences that must be executed from memory marked as
Change ASID to 0
Change Translation Table Base Register
Change ASID to new value
If the code relies on only leaf translation table entries that are cached, it can
incorrectly assume that entries tagged with the reserved ASID are not required to be
flushed. For example:
- Global leaf entries that remain valid or must be flushed for all ASIDs when
- Non-global leaf entries that are not used because the reserved ASID is not set outside
the context switch code.
The incorrect assumption leads to the following failure:
- The context switch code sets the ASID to the reserved value.
- Speculative fetching reads and caches the first level page table entry, using the
current TTBR, and tagging the entry with the reserved ASID. This is a pointer to a second
- Context switch completes.
- Processing continues, and the process with the page tables terminates. The OS frees and
reallocates the page table memory.
- A later context switch sets the ASID to the reserved value
- Speculative fetching makes use of the cached first level page table entry, because it is
tagged with the reserved ASID, and uses it to fetch a second level page table entry.
Because the memory is reallocated and reused, the entry contains random data that can
appear to be a valid, global entry. This second level page table entry is cached.
- Context switch completes, and application execution continues.
- The application references the address range covered by the cached second level page
table entry. Because the entry is marked as global, a match occurs and so data is fetched
from a random address.
Note When you use a reserved ASID, you must invalidate the TLB to deallocate the
translation table memory.