anatomy of a program (week 2) Flashcards

1
Q

each process in a multi-tasking OS runs in its own memory sandbox. what does this mean?

A

the sandbox is the process's virtual address space, which in 32-bit mode is always a 4GB block of memory addresses

these blocks are mapped to physical memory by page tables, which are maintained by the OS kernel and consulted by the processor

each process has its own set of page tables, but there is a catch: once virtual addresses are enabled, they apply to all software running in the machine, including the kernel itself

THUS: a portion of the virtual address space must be reserved to the kernel

2
Q

what are some differences between kernel space and user-mode space in virtual memory?

A

kernel space is flagged in the page tables as exclusive to privileged code; hence a page fault is triggered if user-mode programs try to touch it

in linux, kernel space is constantly present and maps the same physical memory in all processes

kernel code and data are always addressable, ready to handle interrupts or system calls at any time

by contrast, the mapping for the user-mode portion of the address space changes whenever a process switch happens

3
Q

why did address space randomization become popular?

A

When computing was happy and safe and cuddly, the starting virtual addresses for the segments shown above were exactly the same for nearly every process in a machine. This made it easy to exploit security vulnerabilities remotely. An exploit often needs to reference absolute memory locations: an address on the stack, the address for a library function, etc. Remote attackers must choose this location blindly, counting on the fact that address spaces are all the same. When they are, people get pwned. Thus address space randomization has become popular. Linux randomizes the stack, memory mapping segment, and heap by adding offsets to their starting addresses. Unfortunately the 32-bit address space is pretty tight, leaving little room for randomization and hampering its effectiveness.

4
Q

what happens if the max stack size has been reached and we try to push more data on the stack?

A

stack overflow: the program receives a segmentation fault

while the mapped stack area expands to meet demand, it does not shrink back when the stack gets smaller

5
Q

what is the only situation in which access to an unmapped memory region might be valid?

A

dynamic stack growth: any other access to unmapped memory triggers a page fault that results in a segmentation fault
