## COS 318: Operating Systems Protection and Virtual Memory Jaswinder Pal Singh and a Fabulous Course Staff Computer Science Department Princeton University (http://www.cs.princeton.edu/courses/cos318/)







## Privileged Instruction Examples Memory address mapping Flush or invalidate data cache Invalidate TLB entries Load and read system registers Change processor modes from kernel to user Change the voltage and frequency of processor Halt a processor Reset a processor Perform I/O operations















### Issues

- Many processes
  - The more processes a system can handle, the better
- Address space size
  - Many processes whose total size may exceed memory
  - Even one process may exceed physical memory size
- Protection
  - A user process should not crash the system
  - A user process should not do bad things to other processes



14

## Handling Protection Errors in one process should not affect others For each process, check each load and store instruction to allow only legal memory references Physical memory Check error data





## Virtual Memory

- Flexible
  - Processes (and data) can move in memory as they execute, and can be part in memory and part on disk
- Simple
  - Applications generate loads and stores to addresses in the contiguous, large, "fake" address space
- Efficient
  - 20/80 rule: 20% of memory gets 80% of references
  - Keep the 20% in physical memory (a form of caching)



18

Generic Address Translation

- Memory Management Unit (MMU) translates virtual address into physical address for each load and store
- Combination of hardware and (privileged) software controls the translation
- CPU view
  - Virtual addresses
  - Each process has its own memory space [0, high] – virtual address space
- Memory or I/O device view
  - Physical addresses





Address Mapping and Granularity

- ◆ Must have some "mapping" mechanism
  - Map virtual addresses to physical addresses in RAM or disk
- Mapping must have some granularity
  - Finer granularity provides more flexibility
  - Finer granularity requires more mapping information



19



















## How Many PTEs Do We Need?

- Assume 4KB page
  - Needs "low order" 12 bits to address byte within page
- ◆ Worst case for 32-bit address machine
  - # of processes × 2<sup>20</sup>
  - 2<sup>20</sup> PTEs per page table (~4Mbytes), but there might be 10K processes. They won't fit in memory together
- ◆ What about 64-bit address machine?
  - # of processes × 2<sup>52</sup>
  - A page table cannot fit in a disk (2<sup>52</sup> PTEs = 16PBytes)!













## Virtual-To-Physical Lookups

- Programs only know virtual addresses
  - Each program or process starts from 0 to high address
- Each virtual address must be translated
  - May involve walking through a hierarchical page table
  - Since the page table is in memory, a program memory access may requires several actual memory accesses
- Solution
  - Cache recent virtual to physical translations, i.e. "active" part of page table, in a very fast memory
  - If virtual address hits in TLB, use cached translation
  - Typically fully associative cache, match against entries





## Bits in a TLB Entry

- Common (necessary) bits
  - Virtual page number
  - Physical page number: translated address
  - Valid bit
  - Access bits: kernel and user (none, read, write)
- Optional (useful) bits
  - Process tag
  - Reference bit
  - Modify bit
  - Cacheable bit



38

## Software-Controlled TLB

- ◆ On a miss in TLB, software is invoked
  - Write back if there is no free entry
  - Check if the page containing the PTE is in memory
  - If not, perform page fault handling
  - Load the PTE into the TLB
  - Restart the faulting instruction
- On TLB hit, same as in hardware-controlled TLB



40

## Hardware-Controlled TLB

- On a TLB miss
  - If the page containing the PTE is valid (in memory), hardware loads the PTE into the TLB
    - Write back and replace an entry if there is no free entry
  - Generate a fault if the page containing the PTE is invalid, or if there is a protection fault
  - VM software performs fault handling
  - Restart the CPU
- On a TLB hit, hardware checks the valid bit
  - If valid, pointer to page frame in memory
  - If invalid, the hardware generates a page fault
    - · Perform page fault handling
    - Restart the faulting instruction



### **TLB Related Issues**

- What TLB entry to be replaced?
  - Random
  - Pseudo LRU
- What happens on a context switch?
  - Process tag: invalidate appropriate TLB entries
  - No process tag: Invalidate the entire TLB contents
- What happens when changing a page table entry?
  - Change the entry in memory
  - Invalidate the TLB entry



## Summary: Virtual Memory



- Virtualization makes software development easier and enables memory resource utilization better
- Separate address spaces provide protection and isolate faults
- Address Translation
  - Translate every memory operation using table (page table, segment table).
  - Speed: cache frequently used translations
- Result
  - Every process has a private address space
  - Programs run independently of actual physical memory addresses used, and actual memory size
  - Protection: processes only access memory they are allowed to