Showing results for 
Search instead for 
Did you mean: 

query on linux segments

amit mehta_2
Regular Advisor

query on linux segments


snip from the docs at: ""

Under the Linux kernel only 4 segments exist:

1. Kernel Code [0x10]
2. Kernel Data / Stack [0x18]
3. User Code [0x23]
4. User Data / Stack [0x2b]

So, every Task uses 0x23 for code and 0x2b for data/stack.

what does it mean ?

Honored Contributor

Re: query on linux segments

Memory management is an amazingly complex subject in modern operating systems (you could probably write an entire book about it), and I'm definitely not an expert in the subject.

In very broad, general terms, a segment is a block of memory with its own protection policy. The Linux kernel breaks things in to four segments. Kernel- and user-space have different rules on who can access what, and executable code is treated differently than data.
amit mehta_2
Regular Advisor

Re: query on linux segments

Thanks Heironimus,
yes i too find it very difficult to understand
memory management subsystem of linux kernel.
how can i verify that the corrosponding(code,stack..) really uses the above memory location.
Honored Contributor

Re: query on linux segments

They are not really "memory locations". The things that are stored into x86 CPU's segment registers are called "segment selectors" and they contain some permission bits and an index into "segment descriptor table".

See Wikipedia for more information:

Note that in Linux, the protected mode is always used. Real mode is used in the very early phases of Linux kernel start-up.

Using the segment descriptor table, the segment + address combination is translated into "linear addresses". Then the paging unit of the CPU performs _another_ mapping on them to get the real, physical addresses.

The segmentation mechanism was added to the x86 architecture way back when the 286 CPU was introduced. It was not a huge success: I think it was regarded as overly complex at that time.

So, for the 386 CPU, Intel added the paging unit: it manages fixed-size memory pages and does not have all the features of the segmentation mechanism. The segmentation mechanism of the 286 was maintained to make the 386 processor fully compatible with the 286. In the 386 CPU, both the segmentation and paging mechanisms could be independently switched on or off: you could use either of them alone, both of them together or neither.

So, we can say that Linux uses the segmentation mechanism in a simplified way to gain the use of hardware-level memory protection features, but does all the interesting things using the paging mechanism.

You also asked how to verify that only those segments are used. For the user space, this is fairly easy: make a small program (using assembler code) that reads the values of the CPU's segment registers (CS, DS, ES and SS).

You could even try to write a program that tries to set other values to those registers and then tries to access memory: you'll find that when the CPU begins executing the instruction with invalid segment selector, it immediately causes an exception, normally causing your program to immediately die with a "Segmentation fault" or "Memory fault" error message. If you're running your program inside a debugger or some sort of sandbox environment, the error is reported by your debugger/sandbox.

For kernel mode, it's more tricky: to see what segment register values are used when the kernel code is being executed, you must write a kernel module that reads the segment registers.

If some part of kernel tries to use an invalid segment selector, you'll typically get a kernel error message (an "Oops" message) to the system log. If you're very unlucky, the entire operating system might crash.