Courses/Computer Science/CPSC 457.W2012/Lecture Notes/KernMem

= Kernel Memory Management =

The term "memory" is an overloaded one, and concepts like virtual memory conflate the notion of disk storage and main memory; in turn, caching file content in memory can make these concepts even more of a muddle.

In this session, we will take a step back and consider how the Linux kernel handles different memory management tasks, including:


 * supporting virtual memory (caching memory pages, caching files in memory)
 * managing its own memory allocation needs
 * managing the data structures for memory pages on behalf of userlevel tasks

= Notes =

The slides for today.

The struct page structure for holding metadata about physical page frames (and metadata used by the SLUB allocator).

Code for demonstrating compiler-declared size of userland structures and how malloc operates by exploring the data "around" a returned pointer.

A program called break that invokes mmap to try to allocate a single byte.

Sample output for the break program (see what it actually does to the processes memory regions list).

Excellent article on kernel memory exploitation with an overview of the three allocators:

http://census-labs.com/news/2012/01/03/linux-kernel-heap-exploitation/

Links from above article on various related topics:
 * on reading /proc/slabinfo: http://thread.gmane.org/gmane.linux.kernel/1108378/
 * on whether additional allocators will go in the kernel: http://thread.gmane.org/gmane.linux.kernel.mm/48515
 * on SLEB: http://thread.gmane.org/gmane.linux.kernel.mm/48394/
 * on SLQB: http://thread.gmane.org/gmane.linux.kernel/780475

More on kernel exploitation:
 * http://threatpost.com/en_us/blogs/smashing-linux-heap-011312
 * http://vulnfactory.org/research/slob.pdf

= Reading =


 * ULK, Chapter 15 (optional)