Part – 2 Virtual Memory Organization

This is Virtual Memory Organization part 2 of Linux assembly language premier. Befor reading part 2 if you didn’t cover the part 1 System organization then I suggest you to go through System Organization first.
In this part we will see how each process is laid out in same virtual memory space, memory layout of a process etc.
[sourcecode lang=”c”]
#include<stdio.h>
#include<stdlib.h>

int add(int x, int y)
{
int z =10;

z = x + y;
return z;
}

main(int argc, char **argv)
{
int a = atoi(argv[1]);
int b = atoi(argv[2]);
int c;
char buffer[100];
gets(buffer);
puts(buffer);

c = add(a,b);

printf("Sum of %d+%d = %d\n",a, b, c);

exit(0);

}
[/sourcecode]
Above program take two user inputs as command line arguments and convert them into integer, then it take a string input from user and then add the two integer and gives the sum.

We compile this program
# gcc sample.c

Now we run it
# ./a.out 10 20
now we need to input string but we don’t input the string rather then that we goto another terminal to see the memory layout of simple.c program.
Steps to find the memory layout of sample.c program –
1. Find process id for sample.c
# ps -aux | grep ./a.out
the process id for sample.c is 4058

2. In linux /proc directory holds all the run time info about the process running on system. Given a process id we can find a find a directory corresponds to that process.

3. # cat /proc/process_id/maps
maps directory contains the memory layout

To prove that every process runs in the same virtual memory space we rerun the program and check the memory layout. We will find that it start at same location.
But stack loaded in different location this time. Why ?
This happens due to virtual address randomization which means the various segments will be randomized every time we run the program so stack will be not be loaded in the same segment. Stack address changes every time to stop the various attacks like stack over flow attack, buffer overflow attack and virtual address randomization make it difficult to attack on hard coded stack. Virtual address randomization takes place in linux kernel 2.6 or above.
To check you linux kernel info type
# uname -a

We can stop the virtual address randomization by changing the run time parameter
in kernel.
# Cat /proc/sys/kernel/randomize_va_space

randomize_va_space values
0: No randomization of address space.
1: Conservative address space randomization. Code start register will be randomized.
2: Full address space randomization. Contains the feature of value 1 in addition break area is randomized.

We make this value to stop virtual address randomization.
# Echo 0 > /proc/sys/kernel/randomize_va_space
Now if we run the program then it will run in the same address space every time.

In this part we learn how to see the memory layout of a process and how to set/unset the virtual address randomization. If you have any doubts or queries, feel free to comment 🙂

Next –> Part 3 Examine memory, stack, Registers using gdb

Leave a Reply

Your email address will not be published. Required fields are marked *