In a modern multiprocessor shared memory system, processors are allocated a portion of the global shared memory by a common operating system (OS). With increasing numbers of processors, sometimes more than one operating system must be run at the same time within one system. In this case, the processors and memory controlled by each operating system must be independent. While separating processors is relatively easy, separating memory is much harder.
Two conventional methods of organizing memory within a microprocessor are private memory and shared memory. In a private memory system, a block of memory is accessible only to the processor that owns it. In contrast, in a shared memory, all or at least multiple processors have access to each memory location. When using a private memory, a fixed memory size is allocated to each processor. Therefore, when a processor is allocated to a task, the memory is allocated with it. However, providing such ownership of memory requires complex protection schemes and a global operating system, which may have multiple virtual operating systems running underneath it to provide the memory protection scheme. This means the security across the multiple operating system images is provided by software. Another method for providing memory protection is protection domains. However, protection domains require a global management layer, which is undesirable.
Some conventional solutions of multiplexing operating systems on the same hardware employ software or a combination of hardware and software. Software implemented methods present security problems. Conventional hardware implemented solutions may require a global operating system, which is undesirable.
Accordingly, the present invention provides a method and a system providing for dynamic allocation of memory through hardware. Further, the present invention provides a method which enforces security between multiple operating systems without the need for a central software authority. Further, the present invention provides for such a system which adds minimal hardware. Still further, the present invention provides such a system which permits but does not require shared memory and does not require complex protection schemes for private memory.
These and other advantages of the present invention will become apparent within discussions of the present invention herein.