| 摘要 |
An operating system that provides protection domain support is arranged so to be compatible with "well behaved" threads, i.e., threads that obtain all their memory allocations from the operating system, that were written without regard for protection domains. This may be achieved by associating each protection domain with one or more pages of memory, so-called "primary memory pages", for which the protection domain has read and write access permission. Requests by such a "protection-domain-unaware" thread to the operating system for a memory allocation, e.g., for memory in which to create a data structure, are automatically fulfilled by the operating system from the memory available in the primary memory pages of the protection domain of the requesting thread. The operating system informs the thread of the location of the created data structure, e.g., by passing to the thread a pointer to the data structure. Note that threads may have read and/or write access to memory pages that are not primary pages for their protection domains. Thus, the operating system controls 1) the access permission for each page; 2) the allocation for use as primary pages of pages from "free memory" pages, e.g., memory pages available in the system domain; and 3) which particular pages are primary pages for each protection domain at any particular time.
|
