How does mmio get routed to io devices?

Question

I am trying to understand how IO devices are mapped into the 'regular' memory address space on modern x86 machines running Linux.

Some details which I am trying to make sense of are:

1. cat /proc/iomem prints out a list of io memory mapped regions (printing the physical addresses) which are non-contiguous

2. These regions can be requested by kernel modules dynamically at runtime, and allocated via the function request_mem_region which is defined in <linux/ioport.h>

3. x86 machines use mov for both memory-access and IO (that is mapped into memory)

So now, supposing kernel module code is running, we will likely encounter an instruction like mov [value] [virtual address] where the virtual address could be referring to either an mmio region or 'normal' data values that exist in memory. The process to separate mmio traffic from 'normal' memory ought to have 2 key steps:

1. determine if the address is mmio. The page table has a flag for whether it is memory-mapped, so I assume the mmu determines this while doing page table translation.
2. Determine the 'IO address' of the newly produced physical address (that the mmu gave as output from the page table translation) and pass this to whatever chip interfaces with the IO (Northbridge, root complex, etc)

Question 1: is my understanding of step-1 above correct?

Question 2: How is step-2 carried out? (by what entity and how is the map stored?)

The ranges that need to be checked are listed in /proc/iomem, and the data which it draws from I guess is a map that looks like: map[mmio_address] = io_address_object

Keeping in mind that all of this is happening within the context of a single mov instruction from the perspective of the cpu, I can't see how this translation could happen via anything other than hardware external to the cpu.

Answer 1

Your understanding of step-1 is correct. The MMU determines if the address is MMIO by looking at the page table entries for that virtual address.

For step-2, the entity responsible for mapping the physical address to the corresponding IO address is the chipset on the motherboard. The chipset typically contains a memory-mapped IO (MMIO) controller, which is responsible for handling IO requests from the CPU and translating them into signals that can be understood by the various IO devices connected to the system.

The MMIO controller typically maintains a memory map that maps each MMIO address range to the corresponding IO address range for each IO device. This memory map is usually stored in hardware registers within the chipset and is programmed by the BIOS during system initialization.

When the CPU performs an MMIO operation, the MMU translates the virtual address to a physical address, which is then sent to the MMIO controller. The MMIO controller uses the memory map to determine the corresponding IO address for the physical address and generates the appropriate IO signals to communicate with the IO device.

So, in summary, the mapping between MMIO addresses and IO addresses is maintained by the MMIO controller in the chipset, and this mapping is programmed by the BIOS during system initialization.