corone 08-20-2012 07:06 AM

What is between the stack and the kernel?
 
Hi,

What is between the stack and the kernel?

We all already know the kernel space starts at 0xC000_0000.
We also already know the stack space starts at 0xBFFF_FFFC and grows upwards.

According to Self-Service Linux: Determining Problems and Finding Solutions (Mark Wilding, Prentice Hall),
Code:

08048000-08049000 r-xp 00000000 03:08 293559  /u/dbehman/book/working/foo
08049000-0804a000 rw-p 00000000 03:08 293559  /u/dbehman/book/working/foo
40000000-40018000 r-xp 00000000 03:08 6664    /lib/ld-2.3.2.so
40018000-40019000 rw-p 00017000 03:08 6664    /lib/ld-2.3.2.so
40019000-4001b000 rw-p 00000000 00:00 0
40028000-40154000 r-xp 00000000 03:08 6661    /lib/i686/libc.so.6
40154000-40159000 rw-p 0012c000 03:08 6661    /lib/i686/libc.so.6
40159000-4015b000 rw-p 00000000 00:00 0
bfffe000-c0000000 rwxp fffff000 00:00 0

The stack must be between 0xbfffe000 and 0xc0000000.
The book says so too.
That's OK.
It means the stack space starts at 0xBFFF_FFFC.

But on my Linux server, the output is a little different.
Code:

0042c000-00447000 r-xp 00000000 fd:00 16679845  /lib/ld-2.5.so
00447000-00448000 r--p 0001a000 fd:00 16679845  /lib/ld-2.5.so
00448000-00449000 rw-p 0001b000 fd:00 16679845  /lib/ld-2.5.so
0044b000-0059d000 r-xp 00000000 fd:00 16683011  /lib/libc-2.5.so
0059d000-0059e000 ---p 00152000 fd:00 16683011  /lib/libc-2.5.so
0059e000-005a0000 r--p 00152000 fd:00 16683011  /lib/libc-2.5.so
005a0000-005a1000 rw-p 00154000 fd:00 16683011  /lib/libc-2.5.so
005a1000-005a4000 rw-p 005a1000 00:00 0
005b5000-005b6000 r-xp 005b5000 00:00 0          [vdso]
08048000-08049000 r-xp 00000000 fd:03 191299609  /home/corone/work/stack_space
08049000-0804a000 rw-p 00000000 fd:03 191299609  /home/corone/work/stack_space
b7f96000-b7f98000 rw-p b7f96000 00:00 0
b7faf000-b7fb0000 rw-p b7faf000 00:00 0
bfe18000-bfe2d000 rw-p bffe9000 00:00 0          [stack]

And on my Linux laptop PC as well:
Code:

08048000-08049000 r-xp 00000000 03:01 3377      /root/work/stack_space
08049000-0804a000 rw-p 00000000 03:01 3377      /root/work/stack_space
b7dde000-b7ddf000 rw-p b7dde000 00:00 0
b7ddf000-b7f34000 r-xp 00000000 03:01 3317      /lib/i686/cmov/libc-2.7.so
b7f34000-b7f35000 r--p 00155000 03:01 3317      /lib/i686/cmov/libc-2.7.so
b7f35000-b7f37000 rw-p 00156000 03:01 3317      /lib/i686/cmov/libc-2.7.so
b7f37000-b7f3a000 rw-p b7f37000 00:00 0
b7f3e000-b7f40000 rw-p b7f3e000 00:00 0
b7f40000-b7f5a000 r-xp 00000000 03:01 17385      /lib/ld-2.7.so
b7f5a000-b7f5c000 rw-p 0001a000 03:01 17385      /lib/ld-2.7.so
bfb45000-bfb5a000 rw-p bfb45000 00:00 0          [stack]
ffffe000-fffff000 ---p 00000000 00:00 0          [vdso]

The stack space doesn't start at 0xBFFF_FFFC.

It starts at 0xbfe2d000 on my Linux server.
And it starts at 0xbfb5a000 on my Linux laptop PC.

What is between bfe2d000-c0000000 on my Linux server?
And between bfb5a000-c0000000 on my Linux laptop PC?

They are 1912832 bytes and 4874240 bytes, respectively.
1912832 bytes = 1868 KB
4874240 bytes = 4760 KB
I don't think these are small amounts of space.

Thank you.

sundialsvcs 08-20-2012 09:05 AM

The actual memory allocation these days is a good bit more flexible than that, and in any case you seem to be talking about the x86 family of microprocessors. We can in fact be more general than that.

"The Linux kernel" is an always-resident piece of software, what IBM called a "System Control Program (SCP)," which in many ways is actually a better term. It's the programming, always present in memory, which dictates the moment-by-moment operation of the system, including the handling of interrupts and the organized dispatching of user-level work among one or more CPUs or cores.

"The (Kernel) Stack" is a protected area of memory, available only to kernel code, which is used for subroutine-calls and other purposes, just like a stack is used in any user-land program. The difference is that it's only available to the kernel, therefore it is trustworthy for the kernel's needs.

273 08-20-2012 09:10 AM

Apologies for an uneducated question here but does ASLR come into it? I was under the impression this would change the address of things like the Kernel stack (ideally at least)?

sundialsvcs 08-22-2012 09:22 AM

As far as I am aware, ASLR does nothing to the layout of memory in kernel space, since user applications can't get there to begin with.

In user-space, the idea is just a fancy-pants way of describing the notion of adding a few random padding-bytes here and there, and I actually don't think that it does much good since the pointers are still there.
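
An added example, not part of any post in this thread: a small Python parser that recomputes the gap the first post asks about from the `maps` lines quoted there, and reads the `randomize_va_space` sysctl, the kernel setting that controls user-space address randomization raised in the ASLR question. The function names and the fallback for an unlabeled stack mapping are assumptions of this example.

```python
import re

KERNEL_SPLIT = 0xC0000000  # user/kernel boundary quoted in the first post
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+(\S{4})\s+\S+\s+\S+\s+\d+\s*(.*)$")

# Lines copied from the three maps listings in the first post.
BOOK = "bfffe000-c0000000 rwxp fffff000 00:00 0\n"
SERVER = ("b7faf000-b7fb0000 rw-p b7faf000 00:00 0\n"
          "bfe18000-bfe2d000 rw-p bffe9000 00:00 0          [stack]\n")
LAPTOP = ("bfb45000-bfb5a000 rw-p bfb45000 00:00 0          [stack]\n"
          "ffffe000-fffff000 ---p 00000000 00:00 0          [vdso]\n")

def parse_maps(text):
    """Return (start, end, perms, name) for every well-formed maps line."""
    regions = []
    for line in text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if m:
            start, end, perms, name = m.groups()
            regions.append((int(start, 16), int(end, 16), perms, name.strip()))
    return regions

def stack_gap(text, split=KERNEL_SPLIT):
    """Bytes between the end of the stack mapping and the split, or None."""
    below = [r for r in parse_maps(text) if r[1] <= split]
    named = [r for r in below if r[3] == "[stack]"]
    # The book's listing has no [stack] label, so fall back to the highest
    # writable anonymous mapping below the split (an assumption of this example).
    cands = named or [r for r in below if "w" in r[2] and not r[3]]
    if not cands:
        return None
    return split - max(r[1] for r in cands)

def aslr_mode(path="/proc/sys/kernel/randomize_va_space"):
    """Return the randomize_va_space sysctl (0, 1 or 2), or None if unreadable."""
    try:
        with open(path) as fh:
            return int(fh.read().strip())
    except (OSError, ValueError):
        return None

if __name__ == "__main__":
    for label, text in (("book", BOOK), ("server", SERVER), ("laptop", LAPTOP)):
        gap = stack_gap(text)
        print(f"{label}: {gap} bytes ({gap // 1024} KB) below {KERNEL_SPLIT:#x}")
    print("randomize_va_space on this host:", aslr_mode())
```

Running `stack_gap` on the output of `/proc/<pid>/maps` for several launches of the same 32-bit binary shows whether the gap changes from run to run on a given host.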