Chapter 4: Virtual Process Memory
Split region?
do_munmap
find_vma_prev
find_vma
split_vma
split_vma
detach_vmas_to_be_unmapped
unmap_region
remove_vma_list
Another split necessary?
Figure 4-13: Code flow diagram fordo_munmap.
Thekernelmustfirstinvokefind_vma_prevto try to find thevm_area_structinstance for the region to
be unmapped. This function operates in exactly the same way asfind_vmadiscussed in Section 4.5.1, but
it not only finds thevm_area_structmatching the address, but also returns a pointer to the predecessor
region.
If the start address of the area to be unmapped is not precisely at the start of the region found by
find_vma_prev, only part but not the whole of the mapping is unmapped. Before the kernel does this,
it must first divide the existing mapping into several parts. The front part of the mapping that is not to
be unmapped is first split off bysplit_vma. This is a helper function I won’t bother discussing because
all it does is perform standard operations on familiar data structures. It simply allocates a new instance
ofvm_area_struct, fills it with the data of the old region, and adjusts the boundaries. The new region is
inserted into the data structures of the process.
The same procedure is repeated for the rear part of the mapping if the old region is not to be unmapped
right up to its end.
The kernel then invokesdetach_vmas_to_be_unmappedto draw up a list of all regions to be unmapped.
Because an unmapping operation can involve any area of address space, it may well be that several suc-
cessive regions are affected. The kernel has ensured that only complete regions are affected by splitting
the areas at the start and the end.
detach_vmas_to_be_unmappediterates over the linear list ofvm_area_structinstances until the whole
area is covered. Thevm_nextelement of the structures is briefly ‘‘misused‘‘to link the regions to be
unmapped with each other. The function also sets the mmap cache toNULL, thus invalidating it.
Two final steps follow. First,unmap_regionis invoked to remove all entries from the page tables associ-
ated with the mapping. When this is done, the kernel must also make sure that the relevant entries are
removed from the translation lookaside buffer or are rendered invalid. Second, the space occupied by
thevm_area_structinstances is freed withremove_vma_listto finally remove the mapping from the
kernel.
