Process isolation

This refers to a set of mechanisms implemented to protect processes from each other and protect the kernel from user processes.

The OS isolates Processes from each other, maintaining the illusion that each process has exclusive use of the memory and the processor.

To the programmer, we don’t have to think about how our program will fight for memory with other processes. The OS handles that.

It controls sharing data between processes (through files, the network), and it isolates itself from the process, because processes are inherently untrusted and the OS cannot let it directly interface with the trusted hardware.

Other means of isolation:

  • Processes have privilege levels to restrict access to resources
  • If one process crashes, others will keep running (not true with Threads)

Inter-process communication (IPC)

Limited, but possible. Options include:

  • Pipes via pipe()
  • Sockets via socketpair()
  • Shared memory via shm_open()

Process tables and process control blocks (PCBs)

OS maintains a table of all processes that aren’t completely done. Each process in the table has a PCB to hold info about it.