Process address space-Address Space Layout

A virtual address space consists of several regions, which are distributed in a specific architecture. However, it basically contains the following common components.

• The binary code of the currently running Code. The Code segment is also called text, and the address space is called text segment.
• Code of the dynamic library used by the program
• The heap that stores global variables and dynamically generated data.
• Stack used to save local variables and implement function/process calls
• Stage of environment variables and command line parameters
• Maps the file content to the memory ing of the virtual address space.

It is determined by the elf standard. Each architecture specifies a specific starting address. Therefore, we use the two most common architectures ia32 and arm9-as columns to discuss the process address space distribution in different architectures.

Ia32 Address Space Division

First, the division of the address space is not fixed. Even if the architecture is determined, there are still some macros that will affect the layout of the address space.

1. Text Segment

The starting address of the Text Segment of ia32 is 0x08048000. Approximately MB of address space is reserved between the starting address and the lowest available address of the text segment. This reserved space is mainly used to capture null pointers, other architectures should also have class system holes.

2. Heap

The starting position of the heap is closely followed by the ending position of the text. The starting position of the heap is fixed to mm_struct-> start_brk, but the ending position of the heap is mm_struct-> BRK is variable and increases upwards.

3. Stack

The stack starts with stack_top. This location is task_size (the highest available address of the user space, which is 3 GB in case of Division). However, if the process sets the pf_randomize mark, the starting point is task_size minus a small random number. Each architecture must define stack_top. Both the process parameter list and environment variables are the initial data of the stack.

4. Memory ing zone

The memory ing zone starts with mm_struct-> mmap_base and is set to task_unmapped_base. This macro is of a specific architecture and is defined as follows for ia32.

(PAGE_ALIGN(TASK_SIZE / 3))

Therefore, for the address space division described above, we can obtain

However, there is a problem with the layout, that is, the heap space is limited between text_end and task_unmapped_size, that is, if the size is less than 1 GB, the memory ing zone will be damaged as the layout continues to grow.

While MMAP and stack share nearly 2 GB space.

Therefore, a new process layout was proposed after 2.6.7.

In this layout method, the size of the stack is limited, while the MMAP becomes downward growth and the heap shares an address space close to 3 GB, which seems more reasonable.

To ensure direct conflicts between stack and MMAP, a security isolation zone is set on MMAP.