I am reading about x86 protected mode working, In that I have seen the flat memory model and segmentation memory model.
If linux kernel is using flat memory model then, How it protects the access of unprivileged applications to critical data?
Asked
Active
Viewed 660 times
0
-
2By using a [page table](https://en.wikipedia.org/wiki/Page_table). See also: [paging](https://en.wikipedia.org/wiki/Paging). – C. K. Young Jun 01 '16 at 04:26
-
Thanks, But what about the stack, data, code segments assigned to process. – 0x47-sci-tech Jun 01 '16 at 04:41
-
Read ruthafjord's most recent edit: the segments are technically used to convert to linear addresses, which is then looked up in the page table. – C. K. Young Jun 01 '16 at 04:43
-
Means it is using segmentation memory model? – 0x47-sci-tech Jun 01 '16 at 04:53
1 Answers
2
Linux generally uses neither. On x86, Linux has separate page tables for userspace processes and the kernel. The userspace page tables do not contain user mappings to kernel memory, which makes it impossible for user-space processes to access kernel memory directly.
Technically, "virtual addresses" on x86 pass through segmentation first (and are converted from logical addresses to linear addresses) before being remapped from linear addresses to physical addresses through the page tables. Except in unusual cases, segmentation won't change the resulting physical address in 64 bit mode (segmentation is just used to store traits like the current privilege level, and enforce features like SMEP).
One well known "unusual case" is the implementation of Thread Local Storage by most compilers on x86, which uses the FS and GS segments to define per logical processor offsets into the address space. Other segments can not have non-zero bases, and therefore cannot shift addresses through segmentation.
ruthafjord
- 2,037
- 1
- 11
- 14
-
Does that mean, every time when work with the system it uses "virtual address" then, on those addresses segmentation takes place and after that finally, hardware maps the virtual address to physical address depending on the page table. But, during that page of particular segment didn't present in the memory then swapping takes place? and I didn't understand 64-bit mode line in above answer – 0x47-sci-tech Jun 01 '16 at 04:49
-
It's definitely confusing. Behavior on x86 depends upon the mode of the processor (real/protected/long mode, aka 16bit, 32bit, 64bit modes. Along with a bunch of more subtle paging modes). It's easiest to think of x86 as lacking segmentation (segmentation is only used for subtle behavior). – ruthafjord Jun 01 '16 at 05:22
-
As an example, in real mode (16 bit mode), x86 only uses segmentation. Fortunately, most OSes don't have to deal with this, because bootloaders hand off control in 32bit mode. – ruthafjord Jun 01 '16 at 05:25
-
To answer your question more directly, yes, in 64bit mode, virtual addresses are passed through segmentation first, before being remapped through the page tables. Off the top of my head, this is useful for features like SMEP, which I believe is controlled through segment registers. – ruthafjord Jun 01 '16 at 05:28
-
Thread-local storage uses FS or GS segment registers, which can have non-zero offsets in 64bit mode. e.g. `mov eax, [fs:0x28]` to load from offset 0x28 in the thread-local storage block. http://stackoverflow.com/questions/32245103/how-does-the-gcc-thread-work – Peter Cordes Jun 01 '16 at 16:49
-
This answer was slightly inaccurate at the time of writing. The user/kernel separation was actually typically done using the user/kernel mode bit in the page tables (leave the mapping in, but it can only be used by the kernel). This later changed for Intel x86 after Meltdown, which led to the development of KPTI, which substantially decreased the number of kernel pages mapped by the user page tables (although those pages are still not directly readable or writable by userspace). – ruthafjord Dec 20 '20 at 11:19