Hi Hayim, Gaurav... It is interesting to watch you two "talk" about this issue. I hope Talib can survive reading your energetic reply :)) But anyway, here is my comment (that makes me the "neutral" side? :)) ) > > I dont think kernel memory can ever be swapped out, but definitely > > user process memory is swappable. If I am wrong correct me. Speaking about kernel pages, I am almost 100% sure it isn't swappable. This is at least true if the pages contains code such as interrupt handler, fault handler and so on. And, by making all kernel codes/data pages not swapable, it certainly simplify kernel design. > Paging helps you solve this problem by mapping higher addresses to > those pages, so although not contiguous in RAM they are contiguous in > VM. higher...you mean it is higher than PAGE_OFFSET+4M, hayim? > It a little suprised me to learn that the Linux kernel maps its > memory contiguously into RAM, and still avoid such external > fragmentation. Indeed "Understanding the linux virtual memory > manager" page 113, states that large blocks are allocated with > vmalloc to avoid external fragmentation. > (available here: http://www.skynet.ie/~mel/projects/vm/) "maps its memory"...you mean maps its code contigously? > For example, suppose you have a machine with 64M. > Then: > PAGE_OFFSET = 0xC0000000 > high_memory = PAGE_OFFSET + 64M = 0xC4000000 Hm, interesting. In one side, high_memory denotes the end of the physical RAM mapping. At another side, high memory pool refers to page frame that can't fit inside kernel address space (above 896 MB). Wonder why it happens...anybody can explain? > If you do vmalloc you'll get an address above 0xC4800000. This > address will be mapped to some physical page. Note that that page is > mapped twice by the kernel. Hayim, can you explain why it is mapped twice? > Now suppose the user is playing tricks on Talib and gives him back > the pointer: 0xC2100000. Is it possible for this pointer not to be > mapped? Isn't this virtual pointer mapped to the physical address > 0x02100000. Regardless to whether it is a kernel page, user page or > free page, reading the RAM at that address will give you something. > > Or are you suggesting that the kernel unmaps this page (invalidate > the corresponding entry in the CPU page table) so accessing this > address will cause a CPU exception? IMHO, although the above address (0xC2100000) is in kernel address space, it doesn't neccesarily mean there is a page table that maps the page to that virtual address. Thus, unmapping the page is conditional. BTW, speaking back to the original topic. IMHO passing kernel space address( >PAGE_OFFSET) back and forth between kernel and user space might impose several security issues, not to mention risk to corrupt kernel space memory. back to Hayim's example, what if that address contains Interrupt handler address (0xC2100000) and since the kernel module trust the passed address, it will just blindly take it and store a value there. Isn't it a risk? Or Talib was already aware of it and put some safeguards? > I think I found the answer in page 54 "understanding the linux > virtual memory management". > > Consider a 32-bit machine with 12G RAM. You can't map the whole RAM > into your 1G. What would you map? If you mapped 1G you won't leave > room for the VMALLOC area. you just map the first 896 MB, Hayim. 128 MB space is reserved ... > From what I understand from "UtLVMM" in such high-memory system a > third area is introduced: kmap-addr-space. which is used to map > higher memory. (and obviously you don't map the whole RAM) yeap, kmap, vmalloc and fix mapped linear address. CMIIW just a 2 cents reply :) regards, Mulyadi -- Kernelnewbies: Help each other learn about the Linux kernel. Archive: http://mail.nl.linux.org/kernelnewbies/ FAQ: http://kernelnewbies.org/faq/