Interprocess Communication Primitives in POSIX/Linux
Published in Ivan Cibrario Bertolotti, Gabriele Manduchi, Real-Time Embedded Systems, 2017
Ivan Cibrario Bertolotti, Gabriele Manduchi
The attentive reader may be concerned that, since fork() creates a clone of the calling process including its memory, the cost of every child process creation in the above example may be very high, because the main process has allocated a very large matrix in memory. Fortunately, this is not the case, because the memory pages of the child process are not physically duplicated. Rather, the corresponding page table entries in the child process refer to the same physical pages as the parent process and are marked as Copy On Write. This means that, as long as a page is only read, both the parent and the child process refer to the same physical page, and only upon a write operation is a new page created in memory and mapped to the child process. So, pages that are only read by the parent and child processes, such as the memory pages containing the program code, are not duplicated at all. In our example, the big matrix is written only before the child processes are created, and therefore its memory pages are never duplicated, even though they are conceptually replicated for every process. Nevertheless, process creation and context switches take more time for processes than for threads, because more information, including the page table, has to be saved and restored at every context switch.
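An added example, not taken from the book excerpt: a C program for Linux that makes the copy-on-write behaviour described above observable by counting the minor page faults of a child that only reads a buffer inherited through fork() and of a child that writes to it, then checks that the parent's copy is untouched. The function names, the 4096-byte page size, the 256-page buffer and the 0xAA fill value are assumptions chosen for the illustration.

```c
#include <stdio.h>
#include <unistd.h>
#include <sys/resource.h>
#include <sys/wait.h>

enum { PAGE = 4096, NPAGES = 256 };   /* assumed page size, constructed buffer size */
static volatile unsigned char buf[NPAGES * PAGE];
static long minor_faults(void) {
    struct rusage ru;
    getrusage(RUSAGE_SELF, &ru);
    return ru.ru_minflt;
}

/* Fork a child that touches one byte per page of buf; return its minor-fault count, -1 on error. */
long child_faults(int do_write) {
    int fd[2];
    long faults = -1;
    if (pipe(fd) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        long before = minor_faults();
        for (size_t i = 0; i < NPAGES; i++)
            if (do_write) buf[i * PAGE] = 0xFF;   /* write: kernel copies the page */
            else (void)buf[i * PAGE];             /* read: shared frame is reused */
        long delta = minor_faults() - before;
        _exit(write(fd[1], &delta, sizeof delta) == (ssize_t)sizeof delta ? 0 : 1);
    }
    close(fd[1]);
    if (read(fd[0], &faults, sizeof faults) != (ssize_t)sizeof faults) faults = -1;
    close(fd[0]);
    waitpid(pid, NULL, 0);
    return faults;
}

/* Returns 1 if the parent's data survived the writing child, 0 if it did not. */
int cow_demo(long *read_faults, long *write_faults) {
    for (size_t i = 0; i < sizeof buf; i++) buf[i] = 0xAA;  /* parent writes before fork() */
    *read_faults = child_faults(0);
    *write_faults = child_faults(1);
    for (size_t i = 0; i < sizeof buf; i++) if (buf[i] != 0xAA) return 0;
    return 1;
}

int main(void) {
    long r, w;
    int intact = cow_demo(&r, &w);
    printf("faults: read-only child %ld, writing child %ld; parent intact: %d\n", r, w, intact);
    return intact == 1 ? 0 : 1;
}
```

On Linux the writing child typically reports about one fault per touched page and the read-only child close to none; exact counts depend on the kernel and the real page size.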
The Journey to Cloud
Published in Haishi Bai, Zen of Cloud, 2019
Just to be clear—Docker didn't invent workload isolation. Isolation techniques have long existed in Linux systems, such as cgroups (which can be traced back to 2006, when Google engineer Rohit Seth added to the Linux kernel a feature that grouped processes together under a common resource control), namespaces (which were added to the Linux kernel in 2002), and Copy-on-Write (CoW) file systems. Windows has similar isolation constructs such as job objects.
Optimization of virtual machines performance using fuzzy hashing and genetic algorithm-based memory deduplication of static pages
Published in Automatika, 2023
N. Jagadeeswari, V. Mohanraj, Y. Suresh, J. Senthilkumar
Andreas et al. (2022) evaluated the effectiveness of same-domain memory deduplication [31]. Memory deduplication, an operating system memory optimization method that combines similar memory pages into one Copy-on-Write (CoW) page, has been shown to be vulnerable to a number of timing side-channel attacks. These attacks all rely on the difference in write latency between a CoW page and a normal unique page. By offering two case studies that demonstrate how an attacker can still use the deduplication side channel to leak information, the authors of this research assessed the effectiveness of same-domain memory deduplication as a mitigation. In the first case study, they looked into a client-server model in which a server must inevitably load data from an untrusted client, and showed how the client may manipulate the alignment of data in memory to reveal the server's confidential information. In the second case study, they looked at the latest Firefox browser, which has made significant efforts to ensure that information from various origins is separated into different domains. They show that, despite these efforts, a malicious webpage can still take advantage of the fact that site isolation is only partially implemented by the browser, causing leaks of sensitive information across tabs. They concluded that same-domain memory deduplication is insufficient, since it is challenging to perform correctly.