Portions of cache memory can be set aside as protected address spaces (sometimes called user address spaces or ring 3). A protected address space is a portion of cache memory that has carefully controlled communication with the server operating system. All protected address spaces use virtual memory. For general information about virtual memory, see Virtual Memory.
You can use protected address spaces to run untried or troublesome applications. Because any modules loaded into a protected address space can't corrupt the operating system or cause server abends, the protected address space provides a safe place to run applications.
The operating system cannot run in a protected address space. The operating system address space (ring 0) is sometimes called the OS address space or the kernel address space.
The syscalls.nlm, in conjunction with the memory protection subsystem, prevents modules in a protected address space from having direct access to anything outside the address space. In particular, syscalls.nlm and the memory protection subsystem serve as the interface between the protected address spaces and the server operating system. They prevent NLM programs in protected spaces from passing calls to the operating system address space that would corrupt or fault the core operating system.
You can load modules into a protected address space, unload modules from a space, delete a space, or kill a space. See Loading Protected Address Spaces and Unloading Protected Address Spaces.
Each protected address space has its own page translation table to provide logical memory addressing. The memory management subsystem ensures that the page translation table of each protected address space points to a different set of physical memory addresses.
Only one translation table can be loaded into the memory management subsystem at a time. When there is more than one protected address space, the memory management subsystem loads one translation table for a specified time, then replaces it with another.
Replacing translation tables is called a context switch. Context switches are somewhat time consuming; do not create more protected address spaces than you need.
All protected address spaces use virtual memory. See Virtual Memory.
The following NLM programs and executables cannot be loaded into a protected space:
The server operating system cannot run in a protected address space because any software in a protected space is subject to being temporarily stopped and swapped to disk. (See Virtual Memory.)
Hardware and LAN drivers must run in the operating system address space because they use only physical memory addresses. Protected spaces use logical memory addressing.
MONITOR makes calls to the operating system that are not allowed from protected address spaces.