This preview shows page 1. Sign up to view the full content.
Unformatted text preview: y information to favour some programs over others. A program is switched out of the processor either because the operating system is invoked by a timer interrupt and decides the program has had enough time for now, or because the program has requested a slow peripheral access (such as a disk access) and cannot do any more useful work until it gets a response. Rather than leave the program idling in the processor, the operating system switches it out and schedules another program that can make useful progress. In order to create the virtual machine in which a program runs, the operating system must establish an environment where the program has access to its code and data at the memory locations where it expects to find them. Since one program's expectations of the addresses it will use may conflict with another's, the operating system uses memory translation to present the physical memory locations where it has loaded the code and data to the program at appropriate logical addresses. The program sees the memory through a logical-to-physical address translation mechanism which is managed by the operating system. Where several users are running programs on the same machine it is highly desirable to ensure that an error in one user's program cannot interfere with the operation of any of the other programs. It is also, unfortunately, necessary to protect against malicious attempts to interfere with other programs. Memory
v management Protection 292 Architectural Support for Operating Systems The memory-mapping hardware which gives each program its own virtual machine can also ensure that a program cannot see any memory belonging to another program, thereby providing a measure of protection. It is not efficient to enforce this too far, however, since sharing areas of memory that contain, for example, libraries of useful functions can save on memory use. A solution here is to make these areas read-only or execute-only so one program cannot corrupt code that will be used by another. An obvious route for a malicious user to cause damage to another is to overcome the protection afforded by the memory-management system by assuming operating system status and then changing the translation tables. Most systems address this by providing a privileged system mode wh...
View Full Document
This document was uploaded on 10/30/2011 for the course CSE 378 380 at SUNY Buffalo.
- Spring '09