1

I came upon this question:

What's the use of having a kernel part in the virtual memory space of Linux processes?

and based on the answer and the comments on the answer:

the kernel memory map includes a direct mapping of all physical memory, so everything in memory appears there; it also includes separate mappings for the kernel, modules etc., so the physical addresses containing the kernel appear in at least two different mappings

Is this true? I couldn't find any source or reference for this, and why would it include a map of the entire physical memory and then again have a separate mapping of kernel modules? Isn't that redundant?

Can someone explain in a simple manner what is inside the kernel part of the virtual memory of processes in 64-bit Linux? And please provide a source for the answer, because I couldn't find anything related to this in any book or paper.

2 Answers

9

The kernel’s memory map on x86-64 is documented in the kernel itself. The kernel maps

  • user-space (for the current process)
  • PTI data structures
  • all the physical memory
  • the kernel’s data structures, in various blocks, with holes for ASLR
  • the kernel itself
  • its modules

Having a full mapping of physical memory is convenient, but its relevance is debated compared to the security risks it creates, and its address-space burden (since physical memory is effectively limited to half the address space as a result; this prompted the recent expansion to five-level page tables with 56-bit addresses).

Stephen Kitt
  • Thanks! Do you suggest any book or blog post or... that teaches stuff like kernel modules, the kernel, device drivers and the kernel's data structures in depth? Also, do you have any paper or source that shows the security risk that you mentioned? – OneAndOnly Apr 17 '19 at 04:18
  • 1
    Robert Love’s Linux Kernel Development is a good introduction, despite its age; follow that up with Corbet et al.’s Linux Device Drivers. Regarding the security aspects, see Kees Cook’s talk at KR 2017 (slides here, latest version here), I think he mentioned the issues during that talk. – Stephen Kitt Apr 17 '19 at 08:05
0

“64bit memory space is big. You just won't believe how vastly, hugely, mind-bogglingly big it is. I mean, you may think it's a long way down the road to the chemist's, but that's just peanuts to 64bit memory space.”

It is good to keep things simple.

Therefore it was decided to allocate half for direct mapping the hardware, just one-to-one mapping of hardware addresses, and half for virtual mapping. It will be cheaper to have something in there twice than not. Imagine having conditional code to exclude stuff from the direct mapping if it is in the other. And imagine how complex things will become: now not everything is in the direct mapping, so we need a lot more conditional code to find what we want. It is just simpler to map it twice. (This may be oversimplified, and some detail may be wrong, but the general idea is correct.)
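
The double mapping both answers describe, as an added example (not code from either answer or from the kernel): it classifies x86-64 virtual addresses into the regions listed in the first answer and shows a kernel-text address and its direct-map alias resolving to the same physical address. The region bounds are assumed defaults for 4-level paging with KASLR disabled, taken from the kernel's x86-64 memory-map documentation; `classify`, `va_to_phys` and the sample addresses are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Assumed defaults: x86-64, 4-level paging, KASLR off, as listed in the
 * kernel's x86-64 memory-map documentation. KASLR moves several bases. */
#define PAGE_OFFSET      0xffff888000000000ULL /* direct map of all RAM */
#define START_KERNEL_MAP 0xffffffff80000000ULL /* kernel image mapping */
struct region { uint64_t start, end; const char *name; };
static const struct region layout[] = {
    { 0x0000000000000000ULL, 0x00007fffffffffffULL, "user space" },
    { 0xffff880000000000ULL, 0xffff887fffffffffULL, "PTI LDT remap" },
    { 0xffff888000000000ULL, 0xffffc87fffffffffULL, "direct map" },
    { 0xffffc90000000000ULL, 0xffffe8ffffffffffULL, "vmalloc/ioremap" },
    { 0xffffea0000000000ULL, 0xffffeaffffffffffULL, "vmemmap" },
    { 0xffffffff80000000ULL, 0xffffffff9fffffffULL, "kernel text" },
    { 0xffffffffa0000000ULL, 0xfffffffffeffffffULL, "modules" },
};

/* Name the region a virtual address falls in. */
const char *classify(uint64_t va) {
    if (va > 0x00007fffffffffffULL && va < 0xffff800000000000ULL)
        return "non-canonical";
    for (size_t i = 0; i < sizeof layout / sizeof layout[0]; i++)
        if (va >= layout[i].start && va <= layout[i].end)
            return layout[i].name;
    return "hole or unlisted";
}

/* Linearly mapped VA to physical, 0 on success. phys_base is the image's
 * physical relocation offset (0 when the kernel is not relocated). */
int va_to_phys(uint64_t va, uint64_t phys_base, uint64_t *phys) {
    const char *r = classify(va);
    if (strcmp(r, "direct map") == 0)
        *phys = va - PAGE_OFFSET;
    else if (strcmp(r, "kernel text") == 0)
        *phys = va - START_KERNEL_MAP + phys_base;
    else
        return -1; /* user, vmalloc, modules: needs a page-table walk */
    return 0;
}

int main(void) {
    /* Constructed sample: start of an unrelocated kernel image, and its alias. */
    uint64_t vas[] = { 0xffffffff81000000ULL, 0xffff888001000000ULL }, pa = 0;
    for (int i = 0; i < 2 && va_to_phys(vas[i], 0, &pa) == 0; i++)
        printf("%#llx (%s) -> phys %#llx\n", (unsigned long long)vas[i],
               classify(vas[i]), (unsigned long long)pa);
    return 0;
}
```

Both sample addresses translate to the same physical page, so a page-permission change made through the kernel-text mapping does not by itself change how the direct-map alias is mapped.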