Processors in computer systems commonly use virtual addressing to read and write data in virtual storage, which is performed by reading and writing data in a backing page frame in real storage. The backing page frame is obtained by a translation of the requested page's virtual address in the user's virtual address space. In the IBM ESA/390 architecture, a virtual address is designed to access data located on a byte boundary in a user's virtual storage, and this byte location is accessed on a byte boundary in a backing page frame. Each ESA/390 page frame is a unit of storage containing 4096 bytes of storage. The backing page frames using byte addressing are located in main storage (MS) on page boundaries, which are at addresses that are multiples of 2**12 bytes of data.
Each virtual page in a virtual address space is managed in the system by a page table entry (PTE), which is an entry in a page table. Each PTE has a field for containing the real address of a backing page frame in the main storage for the represented virtual page. In the IBM ESA/390 architecture, the real address field in the PTE is called a "page frame real address" (PFRA) field. The state of a backing PF flag bit in the PTE (called an "invalid" or a "valid" flag bit) indicates if an associated backing PF is assigned. There may be two backing flag bits to represent if a backing PF is assigned in either of two associated media.
When a processor makes an access request to a virtual page, and the associated flag bit in the PTE indicates no backing page exists, then a page fault occurs which generates a page fault interruption to the operating system (OS). Then, the OS software takes over the processor to assign a page frame, and writes its real address into the PFRA field in the PTE representing the associated virtual address, and sets the associated flag bit to indicate that a backing page frame is assigned to back the virtual page.
The assignment of a backing page to a virtual page by the OS on the occasion of an access to the page is called "demand paging", which is another name for assigning a backing page frame upon the occurrence of a "page fault".
For security reasons upon the assignment of a backing page frame to a virtual page, an erasure process is used to erase the entire content of the newly-assigned page frame as part of its initialization process, so that it does not contain any data from a prior user that could be accessed by a newly assigned user. A newly-assigned user of the page frame is presumed to not have any privileges regarding the data of a prior user of the page frame.
The conventional way this security requirement is enforced in a system is to initialize the page frame by writing zeros (or by replicating some other character) throughout the newly assigned page frame to destroy any prior data which may have been contained therein. This erasure process of writing 4096 bytes into every newly assigned page frame is a costly process, since page frame assignments are a frequent operation in most mainframe systems. It is conventional for the operating system (OS) software in a computer system to write zeros throughout each page frame being reassigned to erase any old data that may have existed in the reassigned page frame. The erasure may be done when each page frame is made available for reassignment whenever their users no longer need it (such as when a user's processing job is completed and its data is stored on an I/O device), or it may be done later when the page frame is reassigned.
In IBM mainframes using virtual storage, page frame release is done by resetting backing flag bits in the page's PTE to indicate no page frame is assigned to the corresponding virtual page represented by the PTE. A list or queue of available page frames is maintained by an operating system (OS) for use in backing newly referenced virtual pages.
In a prior application Ser. No. 07/424,797 (PO9-89-018), filed Oct. 20, 1989, entitled "Process Using Virtual Addressing In A Non-Privileged Instruction To Control The Copying Of A Page Of Data In Or Between Multiple Media" now U.S. Pat. No. 5,237,668 and assigned to the same assignee as the present invention, the PTE is modified to contain a real address (PFRA) of a backing page frame in either of two different media which use different types of real addressing. The media containing the backing page frame is managed by the state of two flag bits in each PTE for associating any real address in the PFRA with either media, main storage (MS) or expanded storage (ES). Thus, this modified PTE allows the virtual address to have a backing page frame located in either of two different media, MS or ES.
A backing page frame (PF) in any medium may be unassigned by setting the associated flag bit for the medium in the page's PTE to so indicate, which makes the page frame available for reassignment. However, PF unassignment does not affect the data content of the related page frame. Unassignment only breaks the connection between the PF real address of that page frame and the virtual address represented by the PTE.
There is no requirement that a user erase the data content of a page frame before releasing the page frame to allow its reassignment. And there is no requirement that a user erase the data content of a page frame when a page frame is assigned to the user. (It is to be remembered that the PTEs and PFs are transparent to the system users, who only see virtual addresses.) Further, a backing page frame is unassigned when the operating system (OS) moves a virtual page to a different medium, e.g. from MS to ES, which is transparent to the program using the virtual page. Accordingly, the OS services for IBM mainframes have been providing the erase function for PFs when they are reassigned, as part of the PF initialization function, to enable the OS to guarantee that the prior data content of any reassigned page frame is not available to any subsequent user. And any prior user of a PF has been allowed to assume that the content of any PF the user unassigns will be erased by the OS before the PF is can be used again.
Such prior PF erase function required the OS to physically write a character into every character location in the entire space within every reassigned page frame in MS and ES. This required writing zeros (or another character) into every character position in every byte of each 4096 byte PF entity. These writing operations consume significant processor time, and are a cost factor in computer use. This prior art erasure operation occurred during an interruption to OS in association with a page release operation, in which OS performed this essential erasure operation to initialize the page frames prior to their re-assignment, that took system resources and added to the system overhead of the operation.
Prior art on controlling the movement of pages of data between MS and another backing medium includes the following prior USA patent applications, in addition to previously cited application Ser. No. 07/424,797 (PO9-89-018) now U.S. Pat. No. 5,237,668:
A) Ser. No. 07/816,917 filed Jan. 3, 1992 (PO9-90-030) now abandoned, and assigned to the same assignee as the present invention, for a data mover (ADM) instruction which supports virtual addressing in MS for asynchronous page moves between MS and ES. PA0 B) U.S. Pat. No. 4,476,524 to Brown et al, issued Oct. 9, 1984 (PO9-80-009) for a pagein (PI) instruction and a pageout (PO) instruction which support real addressing (but not virtual addressing) in MS for synchronous page moves between MS and ES.
None of the various MVPG, ADM, PI and PO instructions in the prior art applications and patents deal with this page initialization problem, except by OS physical storing throughout each page frame.
Conventional pre-initialization of a virtual page occurs upon the assignment of virtual pages to a program: by the operating system (OS) setting up page tables having page table entries (PTEs) representing respective virtual pages for a program requesting a virtual address space. When the address space (comprising the PTEs) is set up for a program or user, no backing page frames in real storage are assigned to the virtual pages (the PTEs). Page frames are later assigned to the virtual pages by page faults signalled during an address translation process for a virtual page, by testing the state of each page assignment flag bit (e.g. I and V bits) in the PTE and generating a page fault signal if a backing page frame is not indicated to have been previously assigned.
The conventional page fault operation (involving an address translation operation) performs an erasing operation on the entire content of each page frame being reassigned to a virtual page. This assures the security of the prior data in the page frame from its newly assigned program (user).
This invention eliminates the need for the operation of writing all zeros (or any other character) in a backing page frame upon its reassignment to a program or user to maintain the security of prior data in the page frame for all fetch and full-page store operations.