This invention relates generally to data processing systems, and more particularly to the storing and accessing of information in data processing systems.
Present-day large-scale data processing systems typically include a plurality of processors and permit multiple, interactive program execution by local and remote users. To accommodate such processing volume sizable data memory must be provided for user programs and data, operating system software, and shared application programs. Further, sophisticated software and hardware are necessary to manageably manipulate programs and data as the various activities are executed in the system processors.
In satisfying user requirements without exacting a prohibitive price for system core memory, data processing systems employ "extended memories" in which the primary or core memory of the system is supplemented by secondary or bulk storage in the form of magnetic disks, for example. Thus, while any one user may actually be occupying a small portion of main memory during program execution, to the user the "virtual memory" appears to be much larger due to the extension of main memory provided by the secondary storage.
Storage of information in the main and extended memory may take the form of segments and pages wherein the user programs are divided into variable length segments and the segments may include a plurality of uniform length data pages. The use of paging permits flexibility of information storage in available memory space wherever located, with a page table provided to permit user location of the stored pages.
U.S. Pat. No. 3,412,382, of Couleur and Glazer describes a shared access, multiprogrammed data processing system of the described type and which is commercially available as the Honeywell 6100 Series Systems. As described therein, storage cells in the real memory are provided with absolute addresses, and users access the cells at their respective absolute addresses by the employment of relative addresses. For example, during the execution of a user's paged segment wherein a relative cell address is provided by the data processor, the intermediate or relative segment address provides for locating a special data word or pointer of the page being addressed, the special data word combining with the relative address to provide the absolute address of the required memory cell. More specifically, base designations are provided in real storage to locate data stored therein, the base designations forming a part of descriptor words of shared data. Since data is moved around in real storage the absolute addresses of the stored data are constantly changing, and descriptor words are employed to locate page tables and segments as well as desired pages. Thus, a segment descriptor word includes the base address of a corresponding segment, if the segment is non-paged, or the base address of the corresponding segment page table, if the segment is paged. A page table word provides the base address of a page of the corresponding segment.
The system processor cyclically executes portions of user programs as defined in the segment. Thus, a program segment readied for execution is stored wherever available space is located in the cell addressed memory with the relative address of the segment transformed to the absolute real memory address by combining the word number of a relative address and the base address in the corresponding page table for the stored segment. In locating the absolute addresses, a Procedure Base Register is employed for the current procedure segment, while a plurality of Address Base Registers are employed for cells external to the current procedure segments. Pointers, which are employed either as an identification of a descriptor word or the relative address of a descriptor word, are stored in a Temporary Base Register (TBR) during a current address transformation operation wherein the segment descriptor word, if unpaged, or the paged table word, if paged, is located in main memory or in the extended call address memory through a search operation for a matching pointer. Once the segment descriptor word or page table word is located, the segment absolute address of the desired memory location is obtained by combining the pointer therewith.
In executing a user program, the operating system combines the needed portions of the operating system with the user program segments in such a manner as to perform the task requested by the user. Since the operating procedures execute as part of the user process and are indistinguishable therefrom, special means of protection against unauthorized access and modification is required. Conventionally, segments of the operating system and of user processes exist and execute in a number of mutually exclusive subsets or rings having different levels of security status. As a process executes, it makes calls to other segments of the user code and to segments of the operating system, and as long as the external references are applied to segments that exist within the same security status or ring as that of the segment currently executing, no ring protection check is placed upon accessing the segments. Thus, segments within any one status level or ring are protected against unauthorized access from a lower status segment, but protection is not afforded against unauthorized access from segments of equal or higher rings or security status levels.