8

I'm confused, does mmap allocate an entire page of memory (regardless of size specified), or does it just allocate the size you request? Really, I'm curious about what happens on subsequent calls to mmap -- would a second call allocate a new page (even if both calls use an amount under the page size) or would it allocate a block adjacent to the previous call?

Same thing for mprotect - does that protect the entire page, or just the part specified?

sircodesalot
  • 11,231
  • 8
  • 50
  • 83

2 Answers2

10

Yes.

But that is not because of mmap per se, it is because the kernel can't really do anything different. Memory is organized in pages, and the MMU "thinks" in terms of pages, so there is no way (no sane, reasonable way anyway) to allocate half a page and give the other half to someone else.
How would one e.g. prevent process 2 from stealing confidential data from process 1 if they each have allocated half a page? The memory protection system doesn't work that way, it would be impossible to prevent that from happening.

mmap mandates that length be non-zero, or it will fail. Other than that, it has no requirements on the input parameters (apart from contradicting flags), but of course an implementation is always allowed to have the call fail for other reasons, at its discretion ("implementation" here means for example "Linux").

The effective address of the mapping (which will be returned by a successful call to mmap) is an implementation-defined function of the address hint. Practically, this means rounding the hint down to the previous page (usually 4096 bytes) boundary and rounding the length up to the next page boundary.
Different versions of Linux behave differently on some address ranges, for example prior to version 2.6, hints below mmap_min_addr would fail with EINVAL whereas it now rounds the address up so it is valid.

Source: POSIX

Damon
  • 67,688
  • 20
  • 135
  • 185
7

If the length argument is not a page size multiple it will be rounded up to page size multiple.

As a consequence, the answer to your question is yes mmap() virtually allocates only entire pages.

Regarding mprotect() the man page clearly answer to your question:

mprotect() changes protection for the calling process's memory page(s) containing any part of the address range in the interval [addr, addr+len-1]. addr must be aligned to a page boundary.

Manuel Selva
  • 18,554
  • 22
  • 89
  • 134
  • I don't think that's exactly true. I think it rounds up `length` to page size multiple. – zch Mar 18 '14 at 16:34
  • @zch do you mean that mmap does the round up if the length is not a multiple of page's size ? – Manuel Selva Mar 18 '14 at 16:35
  • If I remember correctly, yes. Not that the manpage doesn't require `len` to be multiple of page size, only `offset`. – zch Mar 18 '14 at 16:39
  • it's not clear what the man page says ;-) I am not English native, but I could interpret that it says that also for length. But reading carrefully, you are right I was wrong. answer updated, thanks – Manuel Selva Mar 18 '14 at 16:42
  • It definitely works if the `length` isn't a page size multiple, so I assume it rounds up. But just to make sure, it does (under the hood) map to an actual page size, and subsequent calls would create multiple pages? – sircodesalot Mar 18 '14 at 16:52
  • 1
    @sircodesalot yes. You can look into /proc/XXXX/mmap to check it. – Manuel Selva Mar 18 '14 at 16:54