How Linux Kernel Manages Dynamic Memory and Process Address Space

Some RAM is permanently reserved for the kernel to store kernel code and static data structures, while the rest is dynamic memory used by both processes and the kernel itself. System performance depends on efficient dynamic memory management, so modern multitasking OSes aim to allocate memory on demand and release it when not needed.

When the kernel allocates dynamic memory, it is straightforward because the kernel has the highest priority, its requests are always justified, and the kernel trusts its own code, so no extra protection is needed.

In contrast, allocating memory for user‑space processes is different: requests are considered non‑urgent, malloc() does not guarantee immediate use, and the kernel tries to postpone allocation. Since user processes are untrusted, the kernel must be ready to catch any addressing errors they cause.

To maximize dynamic memory usage, the kernel employs delayed allocation. When a user process requests memory, it receives rights to a new linear address range rather than actual memory; the collection of all such ranges forms the process address space . Information about the address space is stored in a data structure called the memory descriptor ( mm_struct), whose mm field in the task structure points to it. struct mm_struct *mm; The mm_struct contains fields that describe the layout of a process's virtual memory, such as: start_code, end_code – start and end addresses of the executable code. start_data, end_data – start and end addresses of initialized data. start_brk, brk – start and current end of the heap. start_stack – start address of the user‑mode stack. arg_start, arg_end – start and end addresses of command‑line arguments. env_start, env_end – start and end addresses of environment variables.

The process address space consists of multiple linear address regions. Linear (virtual) addresses are 32‑bit unsigned integers ranging from 0x00000000 to 0xffffffff, typically displayed in hexadecimal. The region 0x00000000 ~ 0xbfffffff (3 GB) is user space, while 0xc0000000 ~ 0xffffffff (1 GB) is kernel space.

The following C program prints the actual addresses of these regions, confirming the layout:

#include <stdio.h>
#include <stdlib.h>

int uninitialized_global_var;
int initialized_global_var = 100;

int main(int argc, char *argv[], char *envp[])
{
    printf("Code address:%p
", main);
    printf("Initialized Data address:%p
", &initialized_global_var);
    printf("Uninitialized Data address:%p
", &uninitialized_global_var);
    int *p = (int*)malloc(sizeof(int));
    printf("Heap address:%p
", p);
    printf("Stack address:%p
", &p);
    for (int i = 0; i < argc; i++) {
        printf("Command-line Arguments address:%p
", argv[i]);
    }
    for (int i = 0; envp[i]; i++) {
        printf("Environment Variables address:%p
", envp[i]);
    }
    return 0;
}

Running the program produces addresses that match the expected sections of the process address space.

Virtual memory (the set of linear addresses) is translated to physical memory by the page table. The kernel manages physical memory in fixed‑size pages (typically 4 KB) using the struct page structure.

struct page {
  page_flags_t flags;
  atomic_t _count;
  atomic_t _mapcount;
  unsigned long private;
  struct address_space *mapping;
  pgoff_t index;
  struct list_head lru;
#if defined(WANT_PAGE_VIRTUAL)
  void *virtual;
#endif
};

Pages are the basic unit for physical memory, while page frames are the actual storage locations. The distinction is that a page is an abstract data structure that can reside anywhere, whereas a page frame is a concrete region of RAM.

Page tables map a process's virtual address space to physical memory, allowing the CPU to use physical addresses. They also enable the kernel to check and intercept invalid address accesses, providing protection for physical memory and decoupling the process management and memory management modules.