DOCSLIB.ORG

Herding Cats: Managing a Mobile UNIX Platform Maarten Thibaut and Wout Mertens – Cisco Systems

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Herding Cats: Managing a Mobile UNIX Platform Maarten Thibaut and Wout Mertens – Cisco Systems Herding Cats: Managing a Mobile UNIX Platform Maarten Thibaut and Wout Mertens – Cisco Systems ABSTRACT Laptops running UNIX operating systems are gaining market share. This leads to more sysadmins being asked to support these systems. This paper describes the major technical decisions reached to facilitate the pilot roll out of a mobile Mac OS X platform. We explain which choices we made and why. We also list the main problems we encountered and how they were tackled. We show why in the environment of a customer support organization at Cisco, a file management tool with tripwire-like capabilities is needed. Radmind appears to be the only software base meeting these requirements. We show how the radmind suite can be extended and integrated to suit mobile clients in an enterprise environment. We provide solutions to automate asset tracking and the maintenance of encrypted home directory disk images. We draw conclusions and list the lessons learnt. Introduction Additional Material Mobile UNIX Platforms You can find additional material at http://rad- People have been using UNIX for more than 25 mind.org/contrib/LISA05 . There you’ll find: years. For much of that time computers running UNIX • The radmind extensions discussed in this paper were large, clunky machines that could only be called (distributed as patches) mobile if you happened to own a truck. The physical • The scripts called by cron to update the system location of the computer and its network address (radmind-update) and some scripts that toggle remained the same for much of the machine’s lifetime. radmind-update features Today we are faced with mass-produced UNIX • The login scripts enforcing the use of FileVault laptops that move around the world as fast as their • The asset database code (client and server) users do.1 • Various tidbits and scripts that could be of use Solutions specific to UNIX machines need to be to other system administrators put in place to handle UNIX laptop deployments in the • MCX configuration examples enterprise. Choices About Us Constraints Cisco’s [2] Technical Assistance Center (TAC) is a worldwide technical support organization. The TAC The following constraints are imposed on us by the provides technical support to Cisco customers. We, the department using our services: authors of this paper are members of the IT support • Our environment needs to be highly available group for the technical support engineers of the TAC. (even the desktops). We can meet this require- All development, testing and debugging of net- ment by keeping spare desktops around, clus- working products at Cisco is done on UNIX platforms tering our servers and distributing our services. – mostly Suns [5] running Solaris. Engineers need • Users need access to UNIX tools UNIX because of the large amount of utilities (some • Users need a mobile platform so they can work of them internal) available only for UNIX platforms. from home or while visiting customer sites In the last few years some of our users had been • Customer data must be protected (encrypted) given Windows laptops, many of them had installed when carried off-site Cisco’s version of Linux [3] on them in order to get Practises access to the UNIX tools they needed. Recently our All Solaris client computers in our environment support group noticed a shift towards Apple [1] are identical. Users do not get privileges to install or PowerBooks. It became clear that a supported mobile delete software outside their home directories. While platform with UNIX capabilities was something our this may seem unnecessarily restrictive it allows our user base would greatly appreciate. team to scale: identical systems mean identical prob- 1Some laptops move faster than their users due to incorrect lems and identical solutions; this enables us to make baggage handling or theft. sure the desktop is highly available. 19th Large Installation System Administration Conference (LISA ’05) 83 Herding Cats: Managing a Mobile UNIX Platform Thibaut and Mertens We decided to apply the same principle for the on the Mac OS X machine. This allows us to use any pilot of our new platform. This allowed us to manage method to install a package and record the changes the software loadsets installed during the pilot. How- made to the system in a transcript. ever, some software couldn’t be installed on all sys- FileVault tems so some kind of modular setup looks more feasi- All customer data must be encrypted when car- ble for a full rollout. ried off-site. There are two ways this can be tackled: Mac OS X Laptops 1. Encrypt the entire hard disk. This makes sure In order to choose the right platform a list of no hard disk data is accidentally revealed but it requirements was made and a technical analysis was also means that once the system has booted, all performed. The platform scoring the highest in the anal- data is available. Note that this causes an ysis was piloted. If no show stoppers were found a increase in load times as you’re encrypting the wider beta rollout would be initiated to find any remain- entire operating system. ing issues before migrating the entire organization. 2. Encrypt user data only. Obviously, there is less The method used to analyze the various platform overhead in this scenario. It can be argued that choices was a weighted-score analysis. Each item in such a modular approach is inherently more the list of requirements is given a weight factor. A secure: as soon as the user logs out their data high weight factor means the requirement is impor- becomes unavailable. tant. Each platform is then given a score for that No vendor-supported out-of-the-box solution requirement, higher scores mean a better result. was found for Linux. Apple’s FileVault feature uses an Fixed desktops scored low because of the lack of AES-128 encrypted autosizing disk image to store the mobility. Thin clients have higher mobility but aren’t user ’s homedir. While it wasn’t designed with double digit gigabyte sizes in mind it scales reasonably well truly portable. Windows [4] scored low on manage- in our experience. The only challenges we had were: ability and UNIX compatibility. Linux laptops seemed There is no out-of-the-box way to enforce its unfeasible due to the lack of support from laptop ven- • use. We ended up scripting the forced creation dors.2 Mac OS X scored high for user installable apps, and maintenance at login time. hotplugging sound devices and screens and for its Passwords mysteriously change. This is easily overall user interface. • fixed, provided you’ve installed a ‘‘master So the results clearly suggested an Apple Power- password’’3 that can unlock any filevault on the Book platform, mainly because of the fact that it is the computer. only viable portable UNIX platform in the list; porta- • The disk image needs to be compacted every bility and UNIX capabilities had high weights once in a while, which takes a long time and attached in the analysis. can only be done at logout. Radmind All in all we are quite happy with this solution. No matter what client platform is chosen, we Asset Tracking need to manage its disk image. In the case of Apple There are good reasons to track a system and its the package management system doesn’t meet our users: needs because: • the computer needs to be returned to the lease • Most Mac OS X software is distributed as an company when the lease ends application inside a compressed disk image. To • knowing who to ask for the system when you install the software the user simply drags the need it back application onto the /Applications folder. There • if the machine was used in some illegal act it is no package information stored in this case. helps if you know where it was and who was • Apple’s package management system has no using it uninstall capability (even if the software is dis- • your organization requires recording of all user tributed as a package). logins • There is no tripwire-like functionality to warn The at the end of this section shows the attributes we us about changes to the filesystem. wanted to know about. Many open source tools exist to create and dis- Somehow we’ll need to get mechanisms in place tribute packages. They lack a tripwire [13] functional- that give us the information we need. ity. Radmind [12] was the only toolset that either ful- At the time we couldn’t find any off the shelf filled the requirements or could be easily altered to solution to manage our systems. We implemented our fulfill the requirements. own software, AssetInterface. AssetInterface is a net- Radmind’s tripwire capabilities [10, 16] trap work client that stores asset information in a central changes to the filesystem caused by package installs database. The information is stored locally until the 2Note that Tadpole Computer [6] now offers both Linux 3This can be configured in the Security preference pane and Solaris laptops. Sun also sells Solaris laptops. in Mac OS X’s System Preferences. 84 19th Large Installation System Administration Conference (LISA ’05) Thibaut and Mertens Herding Cats: Managing a Mobile UNIX Platform database server becomes available – i.e., when the Luckily, we can control most aspects of the system client is on the intranet. though its harddisk image. For example, The information in the asset database is also use- • scripts run at boot time can change the PROM ful for support; it provides us with a history of DHCP password or update firmware addresses for the machine. We can login to a user’s • pre-apply scripts can unload kernel extensions machine without having to ask for the IP address.
Load more

Recommended publications
  • CWIC: Using Images to Passively Browse the Web
    CWIC: Using Images to Passively Browse the Web Quasedra Y. Brown D. Scott McCrickard Computer Information Systems College of Computing and GVU Center Clark Atlanta University Georgia Institute of Technology Atlanta, GA 30314 Atlanta, GA 30332 [email protected] [email protected] Advisor: John Stasko ([email protected]) Abstract The World Wide Web has emerged as one of the most widely available and diverse information sources of all time, yet the options for accessing this information are limited. This paper introduces CWIC, the Continuous Web Image Collector, a system that automatically traverses selected Web sites collecting and analyzing images, then presents them to the user using one of a variety of available display mechanisms and layouts. The CWIC mechanisms were chosen because they present the images in a non-intrusive method: the goal is to allow users to stay abreast of Web information while continuing with more important tasks. The various display layouts allow the user to select one that will provide them with little interruptions as possible yet will be aesthetically pleasing. 1 1. Introduction The World Wide Web has emerged as one of the most widely available and diverse information sources of all time. The Web is essentially a multimedia database containing text, graphics, and more on an endless variety of topics. Yet the options for accessing this information are somewhat limited. Browsers are fine for surfing, and search engines and Web starting points can guide users to interesting sites, but these are all active activities that demand the full attention of the user. This paper introduces CWIC, a passive-browsing tool that presents Web information in a non-intrusive and aesthetically pleasing manner.
    [Show full text]
  • Concept-Oriented Programming: References, Classes and Inheritance Revisited
    Concept-Oriented Programming: References, Classes and Inheritance Revisited Alexandr Savinov Database Technology Group, Technische Universität Dresden, Germany http://conceptoriented.org Abstract representation and access is supposed to be provided by the translator. Any object is guaranteed to get some kind The main goal of concept-oriented programming (COP) is of primitive reference and a built-in access procedure describing how objects are represented and accessed. It without a possibility to change them. Thus there is a makes references (object locations) first-class elements of strong asymmetry between the role of objects and refer- the program responsible for many important functions ences in OOP: objects are intended to implement domain- which are difficult to model via objects. COP rethinks and specific structure and behavior while references have a generalizes such primary notions of object-orientation as primitive form and are not modeled by the programmer. class and inheritance by introducing a novel construct, Programming means describing objects but not refer- concept, and a new relation, inclusion. An advantage is ences. that using only a few basic notions we are able to describe One reason for this asymmetry is that there is a very many general patterns of thoughts currently belonging to old and very strong belief that it is entity that should be in different programming paradigms: modeling object hier- the focus of modeling (including programming) while archies (prototype-based programming), precedence of identities simply serve entities. And even though object parent methods over child methods (inner methods in identity has been considered “a pillar of object orienta- Beta), modularizing cross-cutting concerns (aspect- tion” [Ken91] their support has always been much weaker oriented programming), value-orientation (functional pro- in comparison to that of entities.
    [Show full text]
  • Technical Manual Version 8
    HANDLE.NET (Ver. 8) Technical Manual HANDLE.NET (version 8) Technical Manual Version 8 Corporation for National Research Initiatives June 2015 hdl:4263537/5043 1 HANDLE.NET (Ver. 8) Technical Manual HANDLE.NET 8 software is subject to the terms of the Handle System Public License (version 2). Please read the license: http://hdl.handle.net/4263537/5030. A Handle System Service ​ ​ Agreement is required in order to provide identifier/resolution services using the Handle System technology. Please read the Service Agreement: http://hdl.handle.net/4263537/5029. ​ ​ © Corporation for National Research Initiatives, 2015, All Rights Reserved. Credits CNRI wishes to thank the prototyping team of the Los Alamos National Laboratory Research Library for their collaboration in the deployment and testing of a very large Handle System implementation, leading to new designs for high performance handle administration, and handle users at the Max Planck Institute for Psycholinguistics and Lund University Libraries ​ ​ ​ NetLab for their instructions for using PostgreSQL as custom handle storage. ​ Version Note Handle System Version 8, released in June 2015, constituted a major upgrade to the Handle System. Major improvements include a RESTful JSON-based HTTP API, a browser-based admin client, an extension framework allowing Java Servlet apps, authentication using handle identities without specific indexes, multi-primary replication, security improvements, and a variety of tool and configuration improvements. See the Version 8 Release Notes for details. Please send questions or comments to the Handle System Administrator at [email protected]. 2 HANDLE.NET (Ver. 8) Technical Manual Table of Contents Credits Version Note 1 Introduction 1.1 Handle Syntax 1.2 Architecture 1.2.1 Scalability 1.2.2 Storage 1.2.3 Performance 1.3 Authentication 1.3.1 Types of Authentication 1.3.2 Certification 1.3.3 Sessions 1.3.4 Algorithms TODO 3 HANDLE.NET (Ver.
    [Show full text]
  • Pointers Getting a Handle on Data
    3RLQWHUV *HWWLQJ D +DQGOH RQ 'DWD Content provided in partnership with Prentice Hall PTR, from the book C++ Without Fear: A Beginner’s Guide That Makes You Feel Smart, 1/e by Brian Overlandà 6 Perhaps more than anything else, the C-based languages (of which C++ is a proud member) are characterized by the use of pointers—variables that store memory addresses. The subject sometimes gets a reputation for being difficult for beginners. It seems to some people that pointers are part of a plot by experienced programmers to wreak vengeance on the rest of us (because they didn’t get chosen for basketball, invited to the prom, or whatever). But a pointer is just another way of referring to data. There’s nothing mysterious about pointers; you will always succeed in using them if you follow simple, specific steps. Of course, you may find yourself baffled (as I once did) that you need to go through these steps at all—why not just use simple variable names in all cases? True enough, the use of simple variables to refer to data is often sufficient. But sometimes, programs have special needs. What I hope to show in this chapter is why the extra steps involved in pointer use are often justified. The Concept of Pointer The simplest programs consist of one function (main) that doesn’t interact with the network or operating system. With such programs, you can probably go the rest of your life without pointers. But when you write programs with multiple functions, you may need one func- tion to hand off a data address to another.
    [Show full text]
  • KTH Introduction to Opencl
    Introduction to OpenCL David Black-Schaffer [email protected] 1 Disclaimer I worked for Apple developing OpenCL I’m biased Please point out my biases. They help me get a better perspective and may reveal something. 2 What is OpenCL? Low-level language for high-performance heterogeneous data-parallel computation. Access to all compute devices in your system: CPUs GPUs Accelerators (e.g., CELL… unless IBM cancels Cell) Based on C99 Portable across devices Vector intrinsics and math libraries Guaranteed precision for operations Open standard Low-level -- doesn’t try to do everything for you, but… High-performance -- you can control all the details to get the maximum performance. This is essential to be successful as a performance- oriented standard. (Things like Java have succeeded here as standards for reasons other than performance.) Heterogeneous -- runs across all your devices; same code runs on any device. Data-parallel -- this is the only model that supports good performance today. OpenCL has task-parallelism, but it is largely an after-thought and will not get you good performance on today’s hardware. Vector intrinsics will map to the correct instructions automatically. This means you don’t have to write SSE code anymore and you’ll still get good performance on scalar devices. The precision is important as historically GPUs have not cared about accuracy as long as the images looked “good”. These requirements are forcing them to take accuracy seriously.! 3 Open Standard? Huge industry support Driving hardware requirements This is a big deal. Note that the big three hardware companies are here (Intel, AMD, and Nvidia), but that there are also a lot of embedded companies (Nokia, Ericsson, ARM, TI).
    [Show full text]
  • Operating System
    OPERATING SYSTEM INDEX LESSON 1: INTRODUCTION TO OPERATING SYSTEM LESSON 2: FILE SYSTEM – I LESSON 3: FILE SYSTEM – II LESSON 4: CPU SCHEDULING LESSON 5: MEMORY MANAGEMENT – I LESSON 6: MEMORY MANAGEMENT – II LESSON 7: DISK SCHEDULING LESSON 8: PROCESS MANAGEMENT LESSON 9: DEADLOCKS LESSON 10: CASE STUDY OF UNIX LESSON 11: CASE STUDY OF MS-DOS LESSON 12: CASE STUDY OF MS-WINDOWS NT Lesson No. 1 Intro. to Operating System 1 Lesson Number: 1 Writer: Dr. Rakesh Kumar Introduction to Operating System Vetter: Prof. Dharminder Kr. 1.0 OBJECTIVE The objective of this lesson is to make the students familiar with the basics of operating system. After studying this lesson they will be familiar with: 1. What is an operating system? 2. Important functions performed by an operating system. 3. Different types of operating systems. 1. 1 INTRODUCTION Operating system (OS) is a program or set of programs, which acts as an interface between a user of the computer & the computer hardware. The main purpose of an OS is to provide an environment in which we can execute programs. The main goals of the OS are (i) To make the computer system convenient to use, (ii) To make the use of computer hardware in efficient way. Operating System is system software, which may be viewed as collection of software consisting of procedures for operating the computer & providing an environment for execution of programs. It’s an interface between user & computer. So an OS makes everything in the computer to work together smoothly & efficiently. Figure 1: The relationship between application & system software Lesson No.
    [Show full text]
  • Mac OS X Server
    Mac OS X Server Version 10.4 Technology Overview August 2006 Technology Overview 2 Mac OS X Server Contents Page 3 Introduction Page 5 New in Version 10.4 Page 7 Operating System Fundamentals UNIX-Based Foundation 64-Bit Computing Advanced BSD Networking Architecture Robust Security Directory Integration High Availability Page 10 Integrated Management Tools Server Admin Workgroup Manager Page 14 Service Deployment and Administration Open Directory Server File and Print Services Mail Services Web Hosting Enterprise Applications Media Streaming iChat Server Software Update Server NetBoot and NetInstall Networking and VPN Distributed Computing Page 29 Product Details Page 31 Open Source Projects Page 35 Additional Resources Technology Overview 3 Mac OS X Server Introduction Mac OS X Server version 10.4 Tiger gives you everything you need to manage servers in a mixed-platform environment and to con gure, deploy, and manage powerful network services. Featuring the renowned Mac OS X interface, Mac OS X Server streamlines your management tasks with applications and utilities that are robust yet easy to use. Apple’s award-winning server software brings people and data together in innovative ways. Whether you want to empower users with instant messaging and blogging, gain greater control over email, reduce the cost and hassle of updating software, or build your own distributed supercomputer, Mac OS X Server v10.4 has the tools you need. The Universal release of Mac OS X Server runs on both Intel- and PowerPC-based The power and simplicity of Mac OS X Server are a re ection of Apple’s operating sys- Mac desktop and Xserve systems.
    [Show full text]
  • Chapter 9: Memory Management
    Chapter 9: Memory Management I Background I Swapping I Contiguous Allocation I Paging I Segmentation I Segmentation with Paging Operating System Concepts 9.1 Silberschatz, Galvin and Gagne 2002 Background I Program must be brought into memory and placed within a process for it to be run. I Input queue – collection of processes on the disk that are waiting to be brought into memory to run the program. I User programs go through several steps before being run. Operating System Concepts 9.2 Silberschatz, Galvin and Gagne 2002 Binding of Instructions and Data to Memory Address binding of instructions and data to memory addresses can happen at three different stages. I Compile time: If memory location known a priori, absolute code can be generated; must recompile code if starting location changes. I Load time: Must generate relocatable code if memory location is not known at compile time. I Execution time: Binding delayed until run time if the process can be moved during its execution from one memory segment to another. Need hardware support for address maps (e.g., base and limit registers). Operating System Concepts 9.3 Silberschatz, Galvin and Gagne 2002 Multistep Processing of a User Program Operating System Concepts 9.4 Silberschatz, Galvin and Gagne 2002 Logical vs. Physical Address Space I The concept of a logical address space that is bound to a separate physical address space is central to proper memory management. ✦ Logical address – generated by the CPU; also referred to as virtual address. ✦ Physical address – address seen by the memory unit. I Logical and physical addresses are the same in compile- time and load-time address-binding schemes; logical (virtual) and physical addresses differ in execution-time address-binding scheme.
    [Show full text]
  • Multi-Model Databases: a New Journey to Handle the Variety of Data
    0 Multi-model Databases: A New Journey to Handle the Variety of Data JIAHENG LU, Department of Computer Science, University of Helsinki IRENA HOLUBOVA´ , Department of Software Engineering, Charles University, Prague The variety of data is one of the most challenging issues for the research and practice in data management systems. The data are naturally organized in different formats and models, including structured data, semi- structured data and unstructured data. In this survey, we introduce the area of multi-model DBMSs which build a single database platform to manage multi-model data. Even though multi-model databases are a newly emerging area, in recent years we have witnessed many database systems to embrace this category. We provide a general classification and multi-dimensional comparisons for the most popular multi-model databases. This comprehensive introduction on existing approaches and open problems, from the technique and application perspective, make this survey useful for motivating new multi-model database approaches, as well as serving as a technical reference for developing multi-model database applications. CCS Concepts: Information systems ! Database design and models; Data model extensions; Semi- structured data;r Database query processing; Query languages for non-relational engines; Extraction, trans- formation and loading; Object-relational mapping facilities; Additional Key Words and Phrases: Big Data management, multi-model databases, NoSQL database man- agement systems. ACM Reference Format: Jiaheng Lu and Irena Holubova,´ 2019. Multi-model Databases: A New Journey to Handle the Variety of Data. ACM CSUR 0, 0, Article 0 ( 2019), 38 pages. DOI: http://dx.doi.org/10.1145/0000000.0000000 1.
    [Show full text]
  • Mac Os Versions in Order
    Mac Os Versions In Order Is Kirby separable or unconscious when unpins some kans sectionalise rightwards? Galeate and represented Meyer videotapes her altissimo booby-trapped or hunts electrometrically. Sander remains single-tax: she miscalculated her throe window-shopped too epexegetically? Fixed with security update it from the update the meeting with an infected with machine, keep your mac close pages with? Checking in macs being selected text messages, version of all sizes trust us, now became an easy unsubscribe links. Super user in os version number, smartphones that it is there were locked. Safe Recover-only Functionality for Lost Deleted Inaccessible Mac Files Download Now Lost grate on Mac Don't Panic Recover Your Mac FilesPhotosVideoMusic in 3 Steps. Flex your mac versions; it will factory reset will now allow users and usb drive not lower the macs. Why we continue work in mac version of the factory. More secure your mac os are subject is in os x does not apply video off by providing much more transparent and the fields below. Receive a deep dive into the plain screen with the technology tally your search. MacOS Big Sur A nutrition sheet TechRepublic. Safari was in order to. Where can be quit it straight from the order to everyone, which can we recommend it so we come with? MacOS Release Dates Features Updates AppleInsider. It in order of a version of what to safari when using an ssd and cookies to alter the mac versions. List of macOS version names OS X 10 beta Kodiak 13 September 2000 OS X 100 Cheetah 24 March 2001 OS X 101 Puma 25.
    [Show full text]
  • Introduction to Memory Management 1
    CHAPTER 1 Introduction to Memory Management 1 This chapter is a general introduction to memory management on Macintosh computers. It describes how the Operating System organizes and manages the available memory, 1 and it shows how you can use the services provided by the Memory Manager and other Introduction to Memory Management system software components to manage the memory in your application partition effectively. You should read this chapter if your application or other software allocates memory dynamically during its execution. This chapter describes how to ■ set up your application partition at launch time ■ determine the amount of free memory in your application heap ■ allocate and dispose of blocks of memory in your application heap ■ minimize fragmentation in your application heap caused by blocks of memory that cannot move ■ implement a scheme to avoid low-memory conditions You should be able to accomplish most of your application’s memory allocation and management by following the instructions given in this chapter. If, however, your application needs to allocate memory outside its own partition (for instance, in the system heap), you need to read the chapter “Memory Manager” in this book. If your application has timing-critical requirements or installs procedures that execute at interrupt time, you need to read the chapter “Virtual Memory Manager” in this book. If your application’s executable code is divided into multiple segments, you might also want to look at the chapter “Segment Manager” in Inside Macintosh: Processes for guidelines on how to divide your code into segments. If your application uses resources, you need to read the chapter “Resource Manager” in Inside Macintosh: More Macintosh Toolbox for information on managing memory allocated to resources.
    [Show full text]
  • Virtual Memory and Linux
    Virtual Memory and Linux Matt Porter Embedded Linux Conference Europe October 13, 2016 About the original author, Alan Ott ● Unfortunately, he is unable to be here at ELCE 2016. ● Veteran embedded systems and Linux developer ● Linux Architect at SoftIron – 64-bit ARM servers and data center appliances – Hardware company, strong on software – Overdrive 3000, more products in process Physical Memory Single Address Space ● Simple systems have a single address space ● Memory and peripherals share – Memory is mapped to one part – Peripherals are mapped to another ● All processes and OS share the same memory space – No memory protection! – Processes can stomp one another – User space can stomp kernel mem! Single Address Space ● CPUs with single address space ● 8086-80206 ● ARM Cortex-M ● 8- and 16-bit PIC ● AVR ● SH-1, SH-2 ● Most 8- and 16-bit systems x86 Physical Memory Map ● Lots of Legacy ● RAM is split (DOS Area and Extended) ● Hardware mapped between RAM areas. ● High and Extended accessed differently Limitations ● Portable C programs expect flat memory ● Multiple memory access methods limit portability ● Management is tricky ● Need to know or detect total RAM ● Need to keep processes separated ● No protection ● Rogue programs can corrupt the entire system Virtual Memory What is Virtual Memory? ● Virtual Memory is a system that uses an address mapping ● Maps virtual address space to physical address space – Maps virtual addresses to physical RAM – Maps virtual addresses to hardware devices ● PCI devices ● GPU RAM ● On-SoC IP blocks What is Virtual Memory? ● Advantages ● Each processes can have a different memory mapping – One process's RAM is inaccessible (and invisible) to other processes.
    [Show full text]