What Is Virtual Memory (wip)

The concept of virtual memory is nothing new but for many beginners in computer science and security research it is still a hard thing to understand, so I decided to put together a write-up. The Virtual Memory is used on most operating systems to date. iOS, Android, macOS, Windows, Linux, etc. The whole idea behind Virtual Memory is that each application running on the system has its own address space and it is completely oblivious to the existence of other processes. In other terms, each running program thinks it is the only one running and all the memory belongs to it to do things at its heart content.

The reality is, of course, different. Several programs have to share a limited resource - the RAM or Random Access Memory. That can be anything from a few megabytes to a few gigabytes, but it is still limited. If you only have one single program running at a time (such is the case with Arduino today and was with 8-Bit computers in the 1980s) that should not really be a problem, but when you have to run multiple programs at the same time the memory limitation becomes a thing that hits you hard.

So let’s say we have a computer that has as little as 256 MB of RAM. This is what is called the Physical Memory. This is what you pay for when you buy a RAM stick (or bought before certain companies decided it is a good idea to solder the RAM to the motherboard and make impossible to upgrade). Of course, you may run a single program fine (given the program can fit in these constraints) but you would have issues running multiple programs and even if you could, running programs directly into the physical memory results in Memory Segmentation.

Memory Segmentation happens when multiple programs run at the same time on the Physical Memory and then quit. Let’s say we have two programs. Program A and Program B. Let’s say Program B is 512 KB in size and Program A is 1 Megabyte. They run fine and then Program B quits. The 512 KB space Program B used to occupy in the Physical Memory is now empty and can be allocated but if the next Program that has to run needs more than that it will be allocated elsewhere. The smaller these gaps the bigger the chances they will never be allocated pretty much creating holes in the memory that do not hold any data and cannot be used either. You would end up running out of memory just due to segmentation, given enough programs run and quit in a time frame.

So, as you can see, the fact that nowadays programs tend to be very big and sometimes require more RAM than you actually have and the fact that Memory Segmentation is pretty much a thing have facilitated the advent of Virtual Memory. The Virtual Memory does not physically exist as the physical one, but it uses the physical memory.

MIPS promises a 32-Bit address space to every program. That is 4GB of address space. If you have a 4GB stick of RAM you may think you can successfully run at least a program without Virtual Memory and then you realize the Operating System is also a thing and it also sucks a lot of that sweet RAM. So here is where Virtual Memory comes.

Let’s say we have 256 MB of RAM and we run programs with 32-Bit Address Spaces. That means 4GB of RAM for each program. How the hell would that fit? It won’t. But we can make it think it would. The Virtual Memory pretty much ensures that each process gets its 4GB address space but it is a virtual one. The addresses are VA (Virtual Address) not PA (Physical Address). A table will pretty much contain the virtual address and its physical address equivalent. So when the program runs, this table will help with the translation from virtual to physical. The processor has a component called the MMU or the Memory Management Unit. This piece of hardware handles something called “Lookup Table” which handles the translation. Of course, the thing would still not fit in the physical memory so here comes the concept of Memory Pages which are pretty much small (usually 4KB) chunks of memory. The pages that are required at the moment are kept in the physical memory for ease of access and everything else is kept on the Disk. The above-mentioned tables know which virtual address resolves to a physical address and which virtual address resolves to disk.


Written on September 14, 2018 by GeoSn0w (@FCE365)