12、 Process address space (PMAP; vdso; MMAP)

One 、 Process address space
char* p You can talk to intptr_t Interconversion
1、 Can point to any address
2、 Legal address （ Readable or writable ）
    （1） Code （main, %rip From here, the instructions to be executed ）, read-only
    （2） data （static,int x）, Reading and writing
    （3） Stack （int y）, Reading and writing
    （4） Run time memory allocation , Reading and writing
    （5） Dynamic link library
3、 Illegal address
    （1）NULL, Lead to segmentation fault 
Two 、 View the process address space
pmap(1) report memory of a precess
How to view the address space of a process
1、 The smallest Hello world （ static state / Dynamic links ）
    （1） Address space of the process ： Several consecutive “ paragraph ”
    （2）“ paragraph ” Of memory can be accessed
    （3） Not in segment / A memory access violation triggers SIGSEGV
            gdb You can access... Beyond your authority , But you can't access addresses that don't exist
3、 ... and 、 The operating system provides a mechanism to view the process address space
RTFM：/proc/[pid]/maps (man 5 proc)
1、 Each segment in the process address space
    （1) Address （ Range ） And authority （rwxsp）
    （2） Corresponding file ：offset,dev,inode,pathname
2、 and readelf The information in the verifies each other

Four 、 Address space of the process

Address space of the process = There are several consecutive in memory “ paragraph ”

1、 Each segment is accessible （ read / Write / perform ） Of memory

        （1） May map to a file and / Or shared between processes

System call to manage the process address space

// mapping 
void *mmap(void* addr, size_t length, int port, int flag, int fd, off_t offset);
// Unmap 
void munmap(void,* addr, size_t length);
// Modify mapping permissions 
int mprotect(void,* addr, size_t length, int port);

2、RTFM： The state increases / Delete / Modify an accessible memory

5、 ... and 、 Address space isolation

Every *ptr Only this process can be accessed （ State machine ） Of memory

1、 Unless mmap According to specified 、 Map shared file or shared memory multithreading

2、 It realizes the most important functions of the operating system ： Isolation between processes

6、 ... and 、 Modifier

1、 Modifier

        （1） adopt open ”/proc/pid/mem“

         Facilitate a value in memory , According to the modified value , You can lock the address space ; By modifying the value of the address , Implement modification .

         Such as ： The modifier locks the address by value , Realize the game gold coin value modification

2、 Variable speed gear

        （1）“ cheating ” Process clock

         The source of the ： alarm clock 、 sleep 、gettimeofday

         Intercepting them requires sophisticated technology

        Call at time （ system call ） It's about , Add a jump instruction , Jump to custom time handler , Time tooth transformation can be realized

3、 Game security

control / Data flow integrity

        （1） Protect the integrity of the process

        Independent process / The driver performs integrity verification

        （2） Protect private data from being read or written by other processes

        Block the ReadProcessMemory and WriteProcessMemory, Refuse to execute immediately after discovery