Information Technology Reference
In-Depth Information
Physical Memory
D ATA
HEAP
STACK
INSTR
Base Bounds
CPU
Ye s
Memory
Reference
OK?
Continue
No
Exception
Figure2.5: Base and bounds memory protection.
Memory-mapped devices
On most computers, the operating system controls input/output devices such as the
disk, network, or keyboard by reading and writing to special memory locations. Each de-
vice monitors the memory bus for the address assigned to that device, and when it sees
its address, the device triggers the desired I/O operation. The operating system sets
things so that it can access these special memory locations, but user-level processes
cannot. Thus, memory protection has the added advantage of limiting direct access
to input/output devices by user code. By limiting each process to just its own memory
locations, the kernel prevents it from directly reading or writing to the disk controller or
other devices. This way, a buggy or malicious application cannot modify the operating
system's image stored on disk, and a user cannot gain access to another user's files
without first going through the operating system to check file permissions.
