Differences between address space management in Windows/Linux Kernel

I believe many people know the self- ing of Windows page tables and the one-to-one linear ing of Linux kernel. However, many people only know about it. It is much easier to remember a conclusion than to understand one reason.

Last weekend, someone asked me if I could describe them in one sentence. I admit that I am not a evangelist, and it is hard to say a "Dao, Dao" Xuan, however, I strongly agree with Lao Tzu's point of view that the road is not the greatest. Although it is difficult to say it, it can be explained. When it comes to explanation, the more detailed the better, the longer the length is not always a negative term. With such psychological comfort, there will be the following words, although deeper, not boring...

This article is based on the 32-bit Intel architecture! For fear that typing cannot keep up with your mind, you have to be less rigorous in some places, for example, when you should write "1 GB memory or 2 GB memory (the latter is in 2 GB/2 GB mode, I will directly write "1 GB memory", but this is not always the case.

1. Overview of virtual address space

In modern operating systems, physical memory is no longer visible to programs. That is to say, the program instruction itself and any data it accesses are in the virtual address space, and the machine maps it to a real physical memory page through a mechanism called MMU.

The address directly accessed by the program is a virtual address. The access address (including the access address and so on) will trigger MMU, and MMU will automatically map the access address to the real physical address, if a physical page is not assigned, a page missing exception is triggered. The system captures the exception and then silently allocates a page to re-initiate the access that failed due to no page allocation, all of this happens automatically and silently, completely transparent to applications. The page scheduling mechanism perfectly caters to the local principle of program access.

The virtual address is filled with the entire 32-bit address space. To improve management efficiency, many systems split the 32-bit address space into two parts: user space and kernel space. But remember, this split is not necessary! The so-called kernel space and user space in the Intel System are represented by the privileged RING 0 and the privileged ring 3. Fundamentally, a task has a 32-bit address space. If a system splits the 32-bit address space of a process into two parts, it indicates that the task process itself contains the kernel privilege RING 0. If it is not split, it indicates that the task process does not have the kernel part. Remenber, a 32-bit address space uses a set of MMU page tables!

If a process does not have a kernel, what should I do when the system is interrupted, the system is abnormal, or the process itself calls the system call? Do not be confused by the existing Linux and Windows implementations. Again, it is not necessary to split the address space! If the above problem occurs without splitting the address space, it is easy to switch the MMU page table, that is, the system maintains a 32-bit kernel address space for all 32-bit process services!

After talking about this, we should click the instance. The familiar Linux and Windows systems support the 3G/1G mode, meaning that the 32-bit process address space is full, the user State occupies 3G, and the kernel state occupies 1G. It can be in 2G/2G mode. The same is explained as above, these situations are called "kernel" when they enter the kernel state, because even if they enter the kernel state, they are still in the same address space, and do not switch to the S3. Another mode is the 4G/4G mode, that is, the kernel occupies a 4G address space without splitting the address space. All user processes enjoy their own 4G address space, in this mode, when entering the kernel state, it is called switching to the kernel. Because you need to switch to the Cr 3 register (switching to the MMU page table), it enters a different address space!

Here, we should know why the 4G/4G mode frees up the kernel address space so that it can accommodate more management institutions, however, there will be a small price. The so-called price is to switch between the 3, 3, and all the side effects caused by this!

2. Windows Address Space

I always thought that a good start will bring pleasant results, and a bad start will make people very tired! This is indeed the case. Many people want to understand the Windows page table self- ing, and then go to google and Baidu. The results are almost all explained in the macro definition below:

# Define MiGetVirtualAddressMappedByPte (PTE) (PVOID) (ULONG) (PTE) <10 ))

So many people are entangled in the magic word 10 and draw N pictures, but they are basically copying an article by Dave Probert a long time ago, Windows Kernel Internals II Processes, threads, VirtualMemory. The key is whether or not to understand. It was a simple task, but it was complicated for no reason. I don't think it's a good start. What is a good start?

I think I found it, that is, the layout of the virtual address space of the WIndows process! If you understand the layout design principle, you can write those macros on your own! In any case, before looking at the figure, we should first talk about the design principle of the Windows Address Space, that is: each process has its own 32-bit address space! In either 3G/1G mode, 2G/2G mode, or 4G/4G mode, each process is an independent virtual address space, which is also the design principle of modern operating systems, not Windows. In these separate address spaces, all processes have the same ing rules. For example, if the virtual address XX is in process A or process B, all mapped are their own process control block PCB... as shown in:

As a matter of fact, students with good understanding may already know the details of the Self- ing design, but I 'd like to continue, so as not to let people say that I am a tiger.

Page table self- ing is a magic ing method. Why? It is not just to save 4 K of memory space, although it can indeed save 4 K of memory space. The most important thing is that the page table self- ing mechanism provides an efficient way for kernel space to directly access any page. Before talking about page table self- ing, let me first talk about the linear ing mechanism of WIndows, that is, "linear ing between virtual addresses of page table items and virtual addresses of process address spaces ", linear ing of page tables. (Be sure to distinguish it from the linear ing between the Linux kernel virtual address and the physical address mentioned in the next section)

The linear ing of Windows page tables is easy to understand. All page tables in Windows are in a fixed part of the address space and are continuously distributed according to the virtual address. The virtual addresses of all page table items are also continuously distributed, starting from the very beginning, consecutive page table items map consecutive virtual addresses, as shown in:

Note that until now, I have not mentioned the page Directory, because the page Directory is purely introduced for multi-level page tables. Windows only uses the page Directory concept, ing the page table to the virtual address space virtually removes the 4 K overhead of the page Directory. Windows only maps all the page tables at a fixed position in the address space. These page tables contain a page table, that is, the page Directory. The page Directory is lost in the page table. And look down!

With this foundation, the subsequent self- ing and the magic macros are a natural result. Why? Respectively.

For more details, please continue to read the highlights on the next page:

Linux Kernel: click here
Linux Kernel: click here

Recommended reading:

Linux 3.12 code Suicidal Squirrel

How to install Linux 3.11 Kernel on Ubuntu

The Ubuntu 13.10 (Saucy Salamander) Kernel has been upgraded to Linux Kernel 3.10 RC5

Linux Kernel 3.4.62 LTS is now available for download

1 2 3 4 Next Page