是什么在操作系统中强制执行内存保护? [英] What enforces memory protection in an OS?

问题描述

通常， 我知道一个进程无法写入具有不允许写入保护的内存(在其地址空间中). 但是，什么检查该过程是否可以做到这一点呢?是否有任何汇编指令通过操作系统?如何运作?

In general, I know that a process can't write to a memory (in its addresses space) that has a protection that doesn't allow writing. But what checks whether the process can do this? Does any assembly instruction goes through the operating system? how does it work?

推荐答案

在大多数现代CPU(Intel x86，大多数ARM版本)中，都是由CPU本身进行检查. CPU在寄存器之一中存储数据结构的地址，该数据结构指定存储器的布局(页表")，具体来说，哪些地址是可读的，哪些是可写的，哪些是可执行的.

In most modern CPUs (Intel x86, most ARM flavors) it's the CPU itself that does the checking. The CPU stores, in one of the registers, an address of a data structure that specifies the layout of the memory ("page table") - specifically, which addresses are readable, which are writable, which are executable.

当程序尝试对相应页表项不允许的存储位置执行某项操作时，CPU会生成异常(中断)，并且操作系统将获得控制权.进一步的操作取决于操作系统.一种常见情况是操作系统显示错误消息并终止有故障的程序.

When a program tries to do something to a memory location that the respective page table entry does not allow, the CPU generates an exception (interrupt), and the OS gets control. Further actions depend on the OS. One common scenario involves the OS displaying an error message and terminating the faulty program.

页表由操作系统维护，用户区代码(通常)不可见.操作系统中的相关部分取决于硬件.

The page table is maintained by the OS and is not (typically) visible to userland code. The relevant portions in the OS are hardware dependent.

这篇关于是什么在操作系统中强制执行内存保护?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！