Like any other of the computer’s shared hardware resources, the OS must protect memory so that rogue processes cannot disrupt the computer’s (and the other processes running on it) ability to run. Consider that the operating system itself exists in memory.
The kernel space (the area where the core of the operating system is stored) is a section of memory just like the others, but the information stored here is absolutely essential for our computer to be able to run safely and securely (or really, run at all). Therefore, the information here must never be accessed by any user-space (or non-kernel) process.
If a user-space process had access to kernel memory, it could corrupt the OS and take our whole computer down. A malevolent process with access to the kernel-space could try to steal information like passwords or, even worse, seize control of the computer and undertake rogue tasks. A cell-phone whose OS is hijacked is one thing, but consider the implications if the computer whose kernel is compromised is responsible for the functioning of an airplane or a nuclear plant.
It is not just the kernel that needs protection from user-space processes, though. User-space processes need protection from each other! Think about why this might be. If a malevolent user-space process could invade the memory of another user-space process like a piece of anti-malware software, the malevolent process could disable it and go undetected.
To protect processes from each other and to protect the kernel, we can use virtual memory. Virtualization gives the OS the ability to start a process, give it a certain amount of memory to work with, and have it seem to the process as though that is the only memory that exists.
The illustration to the right shows how blocks of virtual memory can map to physical memory.
Click Next when you’re ready to move on to the next exercise.