Question
I was doing Windows system programming and wondered if I can access a process's page table at the source code level.
Here is what I know about page table related to virtual memory.
Let's suppose a user just runs a process called 'A' on a 32-bit Windows OS.
First of all, the OS creates and maintains 4GB virtual address space for A process.
(2GB of it is Kernel address space and the other 2GB is User address space.
Any code in User address space cannot directly access Kernel address space.)
Then, the OS creates and maintains a page table for A process in physical memory to map virtual memory address to physical memory address.
Here is my question.
After the OS creates a page table for A process, is this page table mapped to A's Kernel address space so the user can indirectly access the page table from source code?
Or is the page table not mapped to any of A's virtual address spaces, residing only in physical memory, so the user cannot access the page table?
Answer 1:
To speed up manipulation of page tables, the kernel normally makes one entry in the page directory point to the page directory. This makes all page tables mapped and accessible in the address space. However, as Raymond Chen has indicated, these are not accessible from user mode. There's no good reason to allow applications to mess with page tables. There are APIs to allocate (and map) regions of address space and those should be used instead.
You mean there are page table entries in the kernel address space of 'A' process' virtual memory, and those entries are mapped to the real page table residing in physical memory. So, the process can access these page table entries only if it has kernel mode, but the process does not have it. Therefore, the process cannot access its page table after all. Is it right?
Right. Accessibility of pages is governed by the current privilege level (user vs kernel), segment access rights and page access rights. The particular combination of these employed in the system does not let code running in user mode access kernel data, including the page directory and page tables.
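The self-referencing page directory entry described in the answer, as an added example that is not part of the original thread: a small C model of the two-level 32-bit x86 walk showing that the self-map makes every PTE and PDE readable at a computable virtual address in kernel mode, while a user-mode walk faults because the self-map entry lacks the user bit. The slot index `SELF` (0x300, the value used by 32-bit non-PAE Windows), the three-frame toy memory and all function names are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define P    0x1u    /* present */
#define RW   0x2u    /* writable */
#define US   0x4u    /* user-accessible; clear means supervisor only */
#define SELF 0x300u  /* assumed self-map PDE index (covers 0xC0000000) */

/* Constructed toy physical memory: frame 0 = page directory,
   frame 1 = one page table, frame 2 = a user data page. */
static uint32_t phys[3][1024];

/* Virtual addresses at which the self-map exposes the PTE / PDE for va. */
uint32_t pte_va(uint32_t va) { return (SELF << 22) | ((va >> 12) << 2); }
uint32_t pde_va(uint32_t va) { return (SELF << 22) | (SELF << 12) | ((va >> 22) << 2); }

/* Software model of the two-level walk: 0 and *pa on success, -1 on fault. */
int walk(uint32_t va, int user, uint32_t *pa) {
    uint32_t pde = phys[0][va >> 22];
    if (!(pde & P) || (user && !(pde & US))) return -1;
    uint32_t pte = phys[pde >> 12][(va >> 12) & 0x3FF];
    if (!(pte & P) || (user && !(pte & US))) return -1;
    *pa = (pte & ~0xFFFu) | (va & 0xFFF);
    return 0;
}

/* Map one user page at va and install the supervisor-only self-map. */
void setup(uint32_t va) {
    phys[0][SELF]               = (0u << 12) | P | RW;      /* PD points at itself */
    phys[0][va >> 22]           = (1u << 12) | P | RW | US;
    phys[1][(va >> 12) & 0x3FF] = (2u << 12) | P | RW | US;
}

/* Read a 32-bit word through a translated virtual address. */
int read_va(uint32_t va, int user, uint32_t *out) {
    uint32_t pa;
    if (walk(va, user, &pa)) return -1;
    *out = phys[pa >> 12][(pa & 0xFFF) >> 2];
    return 0;
}

int main(void) {
    uint32_t va = 0x00401000u, v = 0;
    setup(va);
    printf("PTE for %08x is at VA %08x\n", (unsigned)va, (unsigned)pte_va(va));
    printf("kernel read: %d  user read: %d\n",
           read_va(pte_va(va), 0, &v), read_va(pte_va(va), 1, &v));
    return 0;
}
```

Because the walk passes through the page directory twice, the second level lands on a page table (or on the directory itself) instead of a data page, which is why no separate mapping of the tables is needed.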
Source: https://stackoverflow.com/questions/41454943/is-a-process-page-table-mapped-to-kernel-address-space