Is a process' page table mapped to Kernel address space?


Question

I was doing Windows system programming and wondered if I can access a process' page table on source code level.

Here is what I know about page table related to virtual memory.

Let's suppose a user just runs a process called 'A' process on Windows OS (32-bit).

First of all, the OS creates and maintains 4GB virtual address space for A process.

(2GB of it is Kernel address space and the other 2GB is User address space.

Any code in User address space cannot directly access Kernel address space.)

Then, the OS creates and maintains a page table for A process in physical memory to map virtual memory address to physical memory address.

Here is my question.

After OS creates a page table for A process, is this page table mapped to A's Kernel address space so user can indirectly access the page table from source code?

Or the page table is not mapped to any of A's virtual address spaces but just resides only in physical memory so user cannot access the page table?

Recommended answer

To speed up manipulation of page tables, the kernel normally makes one entry in the page directory point to the page directory. This makes all page tables mapped and accessible in the address space. However, as Raymond Chen has indicated, these are not accessible from user mode. There's no good reason to allow applications to mess with page tables. There are APIs to allocate (and map) regions of address space and those should be used instead.

You mean there are page table entries in the kernel address space of 'A' process' virtual memory, and those entries are mapped to the real page table residing in physical memory. So, the process can access these page table entries only if it has kernel mode, but the process does not have it. Therefore, the process cannot access its page table after all. Is it right?

Right. Accessibility of pages is governed by the current privilege level (user vs kernel), segment access rights and page access rights. The particular combination of these employed in the system does not let code running in user mode access kernel data, including the page directory and page tables.
