3

I am aware that ARM architecture emulates the Linux's young and dirty flags by setting them in page fault handlers as discussed here. But recently for a small binary, I observed that a Linux PTE in one of the anonymous segments was set to be not writable and dirty. The following Linux PTE state was observed:

- L_PTE_PRESENT : 1
- L_PTE_YOUNG   : 1 
- L_PTE_DIRTY   : 1
- L_PTE_RDONLY  : 1
- L_PTE_XN      : 0

I couldn't find an explanation for this combination of PTE flags. Does the kernel set this combination for special anonymous VMA segments? What does this combination signify? Any pointers will be helpful. Thanks in advance.

jada12276
  • 129
  • 8
  • What I am suggesting in the question is that the page was **dirty** and **not writable**. I wanted to ask was "_How can a page which is not allowed to be written is marked dirty? which probably means someone has written it?_" The binary simply forks a child process and allocates heap area before going into a forever loop. – jada12276 Feb 13 '16 at 02:21
  • hmm...so this is new to me. I thought that the _dirty_ bit indicated that the page contents are incoherent with the secondary storage and eviction of that page requires a write back to be performed. On the contrary, the _young_ bit is what I believe is used to decide whether a page be evicted (based on LRU algorithm).I got these ideas reading Page Frame Reclaiming chapter from [this](http://idak.gop.edu.tr/esmeray/UnderStandingKernel.pdf) book. – jada12276 Feb 15 '16 at 02:30
  • So, I cannot grasp this statement of yours: _"Dirty means it is not in a secondary store and is a candidate for eviction from main memory. It does not mean someone has written to it necessarily."_ I am a novice with Linux kernel, so please bear with me if I ask something stupid. Thanks for this discussion. – jada12276 Feb 15 '16 at 02:31
  • Ahan..so whether a page is writable or not doesn't matter. The kernel marks a page dirty if it knows it cannot recover it later on from swap or inode. And that the page reclaimer move them to swap only when there is no other option left. Thanks a lot for the explanation!! – jada12276 Feb 16 '16 at 17:24

1 Answers1

3

I observed that a Linux PTE in one of the anonymous segments was set to be not writable and dirty... What does this combination signify?

TL;DR - This simply means that the page is not in a backing store and it is read-only.

Dirty just means not written to a backing store (swap, mmap file or inode). Many things such as code are always read from a file, so they are backed by an inode.

If you mmap some read-only memory, then you could get this combination, for example. Other possibilities are a stack guard, allocator run-time buffer overflow detection, and copy-on-write functionality.

These are not normal. For a typical allocation, you will have something backed by swap and only a write will cause the page to become dirty. So the case is probably less frequent but valid.

See: ARM Linux PTE bits
        ARM Linux emulate dirty/accessed

There seems to be little documentation on what the young bit means. young is information about what to swap. If something is young and not accessed for a prolonged time, it is a good candidate to evict. In contrast, dirty is for whether it needs to be swapped. If a page is dirty, then it has not been written to a backing store (a swap file or mmap file, etc). The pager must write out this page then. If it was not dirty (or clean), then the pager can simply discard the memory and re-use.

The difference between young and dirty is like should and must.

- L_PTE_PRESENT : 1   - it has physical RAM (not swapped)
- L_PTE_YOUNG   : 1   - is has not been used
- L_PTE_DIRTY   : 1   - it is different than backing store
- L_PTE_RDONLY  : 1   - user space can not write.
- L_PTE_XN      : 0   - code can execute.

Not present and dirty seem like an impossible condition for instance, but dirty and read-only is valid.

Community
  • 1
  • 1
artless noise
  • 21,212
  • 6
  • 68
  • 105