Where exactly is the red zone on x86-64?

Question

From Wikipedia:

In computing, a red zone is a fixed-size area in a function's stack frame beyond the return address which is not preserved by that function. The callee function may use the red zone for storing local variables without the extra overhead of modifying the stack pointer. This region of memory is not to be modified by interrupt/exception/signal handlers. The x86-64 ABI used by System V mandates a 128-byte red zone, which begins directly after the return address and includes the function's arguments. The OpenRISC toolchain assumes a 128-byte red zone.

From the System V x86-64 ABI:

The 128-byte area beyond the location pointed to by %rsp is considered to be reserved and shall not be modified by signal or interrupt handlers. Therefore, functions may use this area for temporary data that is not needed across function calls. In particular, leaf functions may use this area for their entire stack frame, rather than adjusting the stack pointer in the prologue and epilogue. This area is known as the red zone.

• Given these two quotes, is the red zone above the stacked return address or below the stacked return address?

• Since this red zone is relative to RSP, does it move downward with each push and does it move upward with each pop?

Answer 1

Given these two quotes, is the red zone above the stacked return address or below the stacked return address?

The red zone is the 128 bytes just below rsp, i.e. rsp - 128 to rsp - 1.

Since this red zone is relative to RSP, does it move downward with each push and does it move upward with each pop?

Yes.