Understanding Segmentation & Address Translation in Intel Processors, Slides of Computer Science

An in-depth exploration of intel's memory management architecture, focusing on segmentation and address translation. The slides and code snippets illustrate how operating systems use memory management, segmentation, and the intel processor's memory layout. Students and professionals interested in operating systems, computer architecture, and system programming will find this information valuable.

Typology: Slides

2012/2013

Uploaded on 03/28/2013

ekana
ekana 🇮🇳

4

(44)

370 documents

1 / 24

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
9.1: Intel Memory 1
OPERATING SYSTEMS
Intel’s View of Memory
Management
Docsity.com
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18

Partial preview of the text

Download Understanding Segmentation & Address Translation in Intel Processors and more Slides Computer Science in PDF only on Docsity!

9.1: Intel Memory 1

OPERATING SYSTEMS

Intel’s View of Memory

Management

9.1: Intel Memory 2

Intel Memory Management

This set of slides is designed to explain the Memory Management Architecture used by Intel Pentium processors.

For these slides we will use the Intel document found at:

http://www.intel.com/design/processor/manuals/253668.pdf

Intel explains this document as a description of the hardware interface required by

an Operating System in order to implement a Memory Management.

It’s assumed that you are familiar with the normal picture of memory management as presented in Chapters 8 & 9 in this course.

9.1: Intel Memory 4

How Do Operating Systems Use

Memory Management

printf("Address Start of Global: %8X\n", (int)(&GlobalMemory) ); printf("Address End of Global: %8X\n", (int)(&GlobalMemory) + MEM_SIZE -1); MemPtr = malloc( ONE_MEG ); printf("First location on heap: %8X\n", (int)MemPtr ); while( (MemPtr = malloc( ONE_MEG )) != NULL ) { LastPtr = MemPtr; Counter++; if ( Counter %100 == 0 ) printf("%5d alloc on heap:%8X\n", Counter, (int)LastPtr +ONE_MEG - 1); } printf("Total bytes allocated: %8X (Hex)\n", Counter * ONE_MEG ); printf("Last location on heap: %8X\n", (int)LastPtr ); }

#define STACK_ALLOC ONE_MEG void RecursiveRoutine( ) { char Temp[ STACK_ALLOC ];

printf("Begin/End of this allocation: %8X %8X\n", (int)&(Temp), (int)(&(Temp[STACK_ALLOC])) ); RecursiveRoutine(); }

Iterates on allocs

Iterates using lots of stack

9.1: Intel Memory 5

How Do Operating Systems Use

Memory Management

So I wrote a little program to probe the memory seen by a program. I ran that same program on Windows 2000, Windows XP and RedHat LINUX. I was looking at the addresses that were being used for various kinds of data/code in the program. I probed the addresses by asking for memory continually until something broke. For instance, did continual allocs until error was returned

Windows XP Memory Usage

Segment First Address Last Address Size

Code 401000x 403000x 002000x ~ 8 Kbytes Static (Global) Data

403000x 703000x 300000x ~ 3 megabytes Heap 760000x 3A261000x 39800000x ~ 950 megabytes Stack 22EF00x 16EF00x 1C0000x ~ 2 megabyte

Note these addresses grow down!

The file MemoryDemo.exe is about 170Kbytes in size.

Declared a 3 Meg static array!.

Note: 100000x == 1 Megabyte

9.1: Intel Memory 7

How Do Operating Systems Use

Memory Management

0x08048368 <main+0>: 55 push %ebp 0x08048369 <main+1>: 89 e5 mov %esp,%ebp 0x0804836b <main+3>: 83 ec 08 sub $0x8,%esp 0x0804836e <main+6>: 83 e4 f0 and $0xfffffff0,%esp 0x08048371 <main+9>: b8 00 00 00 00 mov $0x0,%eax 0x08048376 <main+14>: 83 c0 0f add $0xf,%eax 0x08048379 <main+17>: 83 c0 0f add $0xf,%eax 0x0804837c <main+20>: c1 e8 04 shr $0x4,%eax 0x0804837f <main+23>: c1 e0 04 shl $0x4,%eax 0x08048382 <main+26>: 29 c4 sub %eax,%esp 0x08048384 <main+28>: 83 ec 0c sub $0xc,%esp 0x08048387 <main+31>: 68 c0 84 04 08 push $0x80484c 0x0804838c <main+36>: e8 1f ff ff ff call 0x80482b 0x08048391 <main+41>: 83 c4 10 add $0x10,%esp 0x08048394 <main+44>: e8 02 00 00 00 call 0x804839b 0x08048399 <main+49>: c9 leave 0x0804839a <main+50>: c3 ret (^1) void b(); 2 void c(); 3 int main( ) 4 { 5 printf( "Hello from main\n"); 6 b(); 7 } 8 // This routine reads the opcodes from memory and prints them out. 9 void b() 10 { 11 char *moving; 12 13 for ( moving = (char *)(&main); moving < (char )(&c); moving++ ) 14 printf( "Addr = 0x%x, Value = %2x\n", (int)(moving), 255 & (int)moving ); 15 } 16 void c() 17 { 18 }

9.1: Intel Memory 8

Memory Layout

0x0804839b <b+0>: 55 push %ebp 0x0804839c <b+1>: 89 e5 mov %esp,%ebp 0x0804839e <b+3>: 83 ec 08 sub $0x8,%esp 0x080483a1 <b+6>: c7 45 fc 68 83 04 08 movl $0x8048368,0xfffffffc(%ebp) 0x080483a8 <b+13>: 81 7d fc d9 83 04 08 cmpl $0x80483d9,0xfffffffc(%ebp) 0x080483af <b+20>: 73 26 jae 0x80483d7 <b+60> 0x080483b1 <b+22>: 83 ec 04 sub $0x4,%esp 0x080483b4 <b+25>: 8b 45 fc mov 0xfffffffc(%ebp),%eax 0x080483b7 <b+28>: 0f be 00 movsbl (%eax),%eax 0x080483ba <b+31>: 25 ff 00 00 00 and $0xff,%eax 0x080483bf <b+36>: 50 push %eax 0x080483c0 <b+37>: ff 75 fc pushl 0xfffffffc(%ebp) 0x080483c3 <b+40>: 68 d1 84 04 08 push $0x80484d 0x080483c8 <b+45>: e8 e3 fe ff ff call 0x80482b 0x080483cd <b+50>: 83 c4 10 add $0x10,%esp 0x080483d0 <b+53>: 8d 45 fc lea 0xfffffffc(%ebp),%eax 0x080483d3 <b+56>: ff 00 incl (%eax) 0x080483d5 <b+58>: eb d1 jmp 0x80483a8 <b+13> 0x080483d7 <b+60>: c9 leave 0x080483d8 <b+61>: c3 ret 1 void b(); 2 void c(); 3 int main( ) 4 { 5 printf( "Hello from main\n"); 6 b(); 7 } 8 // This routine reads the opcodes from memory and prints them out. 9 void b() 10 { 11 char *moving; 12 13 for ( moving = (char *)(&main); moving < (char )(&c); moving++ ) 14 printf( "Addr = 0x%x, Value = %2x\n", (int)(moving), 255 & (int)moving ); 15 } 16 void c() 17 { 18 } Docsity.com

9.1: Intel Memory 10

Intel Memory Management

The memory management facilities of the IA-32 architecture are divided into two

parts:

Segmentation

Segmentation provides a mechanism of isolating individual code, data, and stack

modules so that multiple programs (or tasks) can run on the same processor

without interfering with one another.

When operating in protected mode, some form of segmentation must be used.

Paging.

Paging provides a mechanism for implementing a conventional demand-paged,

virtual-memory system where sections of a program’s execution environment

are mapped into physical memory as needed. Paging can also be used to

provide isolation between multiple tasks.

These two mechanisms (segmentation and paging) can be configured to support

simple single program (or single-task) systems, multitasking systems, or

multiple-processor systems that used shared memory.

9.1: Intel Memory 11

Intel Memory Management

See Figure 3-1.

Segmentation gives a mechanism for dividing the processor’s addressable memory space (called the linear address space ) into smaller protected address spaces called segments.

Segments are used to hold code, data, and stack for a program andr to hold system data structures (such as a TSS or LDT).

Each program running on a processor, is assigned its own set of segments.

The processor enforces the boundaries between segments and insures that one program doesn’t interfere with the execution of another.

The segmentation mechanism allows typing of segments to restrict operations that can be performed.

9.1: Intel Memory 13

Intel Memory Management

3.2.1 Basic Flat Model

The simplest memory model for a system is the basic “flat model,” the operating system and application programs have access to a continuous, unsegmented address space.

.

To implement a basic flat memory model with the IA-32 architecture, at least two segment descriptors must be created:

  • one for referencing a code segment and
  • one for referencing a data segment (see Figure 3-2).
  • both segments, however, are mapped to the entire linear address space: that is, both segment descriptors have the same base address value of 0 and the same segment limit of 4 GBytes.

9.1: Intel Memory 14

Intel Memory Management

3.2.2 Protected Flat Model

The protected flat model is similar to the basic flat model, except the segment limits are set to include only the range of addresses for which physical memory actually exists (see Figure 3-3).

A protection exception is generated on any attempt to access nonexistent memory. This model provides a minimum level of hardware protection against some kinds of program bugs.

More complexity can be added to this protected flat model to provide more protection.

Example: For the paging mechanism to provide isolation between user and supervisor code and data, four segments need to be defined:

  • code and data segments at privilege level 3 for the user,
  • and code and data segments at privilege level 0 for the supervisor.

9.1: Intel Memory 16

Intel Memory Management

3.3 PHYSICAL ADDRESS SPACE

In protected mode, the IA-32 architecture provides a normal physical address space of 4 Gbytes (2^32 bytes).

This is the address space that the processor can address on its address bus. This address space is flat (unsegmented), with addresses ranging continuously from 0 to FFFF,FFFFH. This physical address space can be mapped to read-write memory, read-only memory, and memory mapped I/O. The memory mapping facilities described in this chapter can be used to divide this physical memory up into segments and/or pages.

The IA-32 architecture also supports an extension of the physical address space to 2 36 bytes (64 GBytes); with a maximum physical address of F,FFFF,FFFFH. This extension is invoked

  • Using the physical address extension (PAE) flag, located in bit 5 of control register CR4.

-- Talked about later.

9.1: Intel Memory 17

Intel Memory Management

3.4 LOGICAL AND LINEAR ADDRESSES

The processor uses two stages of address translation to arrive at a physical

address: logical-address (via segments) translation and linear address space

(via paging) translation.

9.1: Intel Memory 19

Intel Memory Management

3.4.2 Segment Selectors

A segment selector is a 16-bit identifier for a segment (see Figure 3-6). It does not

point directly to the segment, but instead points to the segment descriptor that

defines the segment. A segment selector contains the following items:

Index — Selects one of 8192 descriptors in the GDT or LDT.

TI (table indicator) flag — Specifies the descriptor table to use: GDT or LDT

Requested Privilege Level (RPL) — Specifies the privilege level of the selector.

The privilege level can range from 0 to 3, with 0 being the most privileged level.

9.1: Intel Memory 20

Intel Memory Management

3.4.3 Segment Registers

To reduce address translation time and coding complexity, the processor provides registers for holding up to 6 segment selectors (see Figure 3-7).

Each of these segment registers support a specific kind of memory reference (code, stack, or data).

At least the code-segment, data-segment, and stack-segment registers must be loaded for a program to run..

The processor provides three additional data-segment registers (ES, FS, and GS), which can be used to make other data segments available to the currently executing program (or task).

To access a segment, a program must get to it via a segment register.

Although a system can define thousands of segments, only 6 can be available for immediate use.

There are instructions available so the OS can set up segment registers.

Note how the address translation actually goes through the segment register rather than through the Descriptor Table.