The Kernel Abstraction. Operating System, Fall 2015 Fordham Unv.,

Similar documents
Last Class: OS and Computer Architecture. Last Class: OS and Computer Architecture

Last Class: OS and Computer Architecture. Last Class: OS and Computer Architecture

Objectives. Chapter 2: Operating-System Structures. Operating System Services (Cont.) Operating System Services. Operating System Services (Cont.

CS161: Operating Systems

ELEC 377. Operating Systems. Week 1 Class 3

Lecture 1 Operating System Overview

Lesson Objectives. To provide a grand tour of the major operating systems components To provide coverage of basic computer system organization

Chapter 6, The Operating System Machine Level

CSC 2405: Computer Systems II

Operating System Overview. Otto J. Anshus

Processes and Non-Preemptive Scheduling. Otto J. Anshus

Operating System Structures

CS420: Operating Systems OS Services & System Calls

OPERATING SYSTEM SERVICES

System Structures. Services Interface Structure

Introduction. What is an Operating System?

Chapter 2: OS Overview

Kernel Types System Calls. Operating Systems. Autumn 2013 CS4023

Operating Systems Overview

Example of Standard API

COS 318: Operating Systems

Operating Systems 4 th Class

Operating Systems. Lecture 03. February 11, 2013

Review from last time. CS 537 Lecture 3 OS Structure. OS structure. What you should learn from this lecture

CS3600 SYSTEMS AND NETWORKS

Overview of Operating Systems Instructor: Dr. Tongping Liu

Process Description and Control william stallings, maurizio pizzonia - sistemi operativi

Introduction to Operating Systems. Perspective of the Computer. System Software. Indiana University Chen Yu

Exceptions in MIPS. know the exception mechanism in MIPS be able to write a simple exception handler for a MIPS machine

Operating Systems. 05. Threads. Paul Krzyzanowski. Rutgers University. Spring 2015

Chapter 3 Operating-System Structures

Operating Systems and Networks

Introduction. System Calls

COS 318: Operating Systems. Virtual Machine Monitors

How do Users and Processes interact with the Operating System? Services for Processes. OS Structure with Services. Services for the OS Itself

Operating System Structure

Operating System Components

Chapter 2 System Structures

Performance Comparison of RTOS

Operating Systems Concepts: Chapter 7: Scheduling Strategies

Exception and Interrupt Handling in ARM

1. Computer System Structure and Components

Chapter 3: Operating-System Structures. System Components Operating System Services System Calls System Programs System Structure Virtual Machines

Thomas Fahrig Senior Developer Hypervisor Team. Hypervisor Architecture Terminology Goals Basics Details

Road Map. Scheduling. Types of Scheduling. Scheduling. CPU Scheduling. Job Scheduling. Dickinson College Computer Science 354 Spring 2010.

Operating Systems: Basic Concepts and History

CSE 120 Principles of Operating Systems. Modules, Interfaces, Structure

Kernel comparison of OpenSolaris, Windows Vista and. Linux 2.6

Operating Systems. Notice that, before you can run programs that you write in JavaScript, you need to jump through a few hoops first

SYSTEM ecos Embedded Configurable Operating System

Linux Process Scheduling Policy

Chapter 1 Computer System Overview

OPERATING SYSTEMS STRUCTURES

Development of Type-2 Hypervisor for MIPS64 Based Systems

x86 ISA Modifications to support Virtual Machines

Chapter 1: Introduction. Chapter 1: Introduction. Operating System Concepts, 7th Edition. Objectives

Chapter 3. Operating Systems

Multiprogramming. IT 3123 Hardware and Software Concepts. Program Dispatching. Multiprogramming. Program Dispatching. Program Dispatching

I/O Device and Drivers

Cloud Computing. Up until now

Operating Systems. Rafael Ramirez (T, S)

Real Time Programming: Concepts

An Introduction to the ARM 7 Architecture

COS 318: Operating Systems. I/O Device and Drivers. Input and Output. Definitions and General Method. Revisit Hardware

Outline: Operating Systems

Restraining Execution Environments

Virtualization. Clothing the Wolf in Wool. Wednesday, April 17, 13

Computer-System Architecture

Uses for Virtual Machines. Virtual Machines. There are several uses for virtual machines:

Operating System Components and Services

Virtualization. Types of Interfaces

Fachbereich Informatik und Elektrotechnik SunSPOT. Ubiquitous Computing. Ubiquitous Computing, Helmut Dispert

Security Overview of the Integrity Virtual Machines Architecture

COS 318: Operating Systems. Virtual Machine Monitors

Operating System Impact on SMT Architecture

Virtual machines and operating systems

Traditional IBM Mainframe Operating Principles

First-class User Level Threads

CS 3530 Operating Systems. L02 OS Intro Part 1 Dr. Ken Hoganson

Multi-core Programming System Overview

Operating system Dr. Shroouq J.

Hypervisors. Introduction. Introduction. Introduction. Introduction. Introduction. Credits:

Real-Time Systems Prof. Dr. Rajib Mall Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Introduction to Virtual Machines

Operating System Tutorial

This tutorial will take you through step by step approach while learning Operating System concepts.

Chapter 16: Virtual Machines. Operating System Concepts 9 th Edition

Advanced Operating Systems ( L)

CS 377: Operating Systems. Outline. A review of what you ve learned, and how it applies to a real operating system. Lecture 25 - Linux Case Study

Lectures 9 Advanced Operating Systems Fundamental Security. Computer Systems Administration TE2003

Technology in Action. Alan Evans Kendall Martin Mary Anne Poatsy. Eleventh Edition. Copyright 2015 Pearson Education, Inc.

CS 61C: Great Ideas in Computer Architecture Virtual Memory Cont.

System Virtual Machines

Microkernels, virtualization, exokernels. Tutorial 1 CSC469

RTAI. Antonio Barbalace (modified by M.Moro 2011) RTAI

Operating Systems Prof. Ashok K Agrawala

CIS 551 / TCOM 401 Computer and Network Security

Chapter 2 Basic Structure of Computers. Jin-Fu Li Department of Electrical Engineering National Central University Jungli, Taiwan

Module 8. Industrial Embedded and Communication Systems. Version 2 EE IIT, Kharagpur 1

Lecture 25 Symbian OS

Transcription:

The Kernel Abstraction Operating System, Fall 2015 Fordham Unv.,!

Last week The roles of OS in computer system Review of hardware: a simple, conceptual understanding of computer organization CPU: stored program computer Memory: register, main memory, cache, disk, device controller, interrupt, device driver I/O mode: busy waiting, interrupt driven History of OS: batch system => multiprogramming => timesharing

Timesharing Operating System! Multiprogramming:! organizes programs (code and data) so CPU always has one to execute! Timesharing (multitasking) goes one step further! CPU switches processes so frequently that users can interact with each process while it is running, creating interactive computing 7

Goal today Chapter 1: what to take away? central role of OS: protection via OS kernel Process concept A process is the OS abstraction for executing a program with limited privileges Dual-mode operation: user vs. kernel Kernel-mode: execute with complete privileges User-mode: execute with fewer privileges Mode Transfer: What triggers them? Safe control transfer How do we switch from one mode to the other?

Take-away from Chapter 1 Design pattern studied in OS is applicable to many different systems design pattern: a general reusable solution to a commonly occurring problem within a given context in software design. formalized best practices that the programmer can use to solve common problems when designing an application or system. not a finished design that can be transformed directly into source or machine code. a description or template for how to solve a problem that can be used in many different situations. Patterns are

OS and Web browser Common problems in the two

The life of a program

Challenge: Protection How do we execute code with restricted privileges? Either because the code is buggy or if it might be malicious Some examples: A script running in a web browser A program you just downloaded off the Internet A program you just wrote that you haven t tested yet

OS Role of Protection! Protection: isolation of potentially misbehaving app. and users so that they do not corrupt other apps and OS! In order to achieve:! reliability: provide reliable environment! security defense against internal and external attacks: denial-of-service, worms, viruses, identity theft, theft of service! privacy:! fair resource allocation! We are going to study the first illusion OS creates 14

Multiprogramming and Process (a) Multiprogramming of four programs. (b) Conceptual model of four independent, sequential processes. (c) Only one program is active at once.

Process Abstraction Process: an instance of a program, running with limited rights Limited rights: Address space: Memory that the process can access Access of other resources? what files, I/O can be read/write/execute? Execution states: CPU registers state kernel variables (i.e., Process Control Table entry) Thread: a sequence of instructions within a process Potentially many threads per process (for now 1:1)

A process s Address Space In class demo: hand-trace a program s execution! Stack (Function Call Stack, Execution Stack): used to keep track of function calls! Heap: where dynamic variables are allocated from (via new, delete, malloc, free)! Data: global variables! Text: program code (in machine code)

Single and Multithreaded Processes In a multithread process: there are be multiple threads of execution sharing! program code global variables open files! each has its own calling stack: registers (PC, ) values! Why multi-threaded programming?! * To take advantage of multi-core CPU, or multi-processors * Application needs: e.g., web server

Protection: How? How can we implement execution with limited privilege? A thought experiment Execute each program instruction in a simulator If the instruction is permitted, do the instruction Otherwise, stop the process Basic model in Javascript and other interpreted languages How do we go faster? Run unprivileged code directly on CPU! Run privileged code through OS kernel

Goal today Chapter 1: what to take away? central role of OS: protection via OS kernel Process concept A process is the OS abstraction for executing a program with limited privileges Dual-mode operation: user vs. kernel Kernel-mode: execute with complete privileges User-mode: execute with fewer privileges Safe control transfer How do we switch from one mode to the other?

Protection: Hardware Support Dual Mode and Privileged instructions Privileged instructions only available to kernel User program (untrusted code) access privileged instructions via system call (user program calling kernel) Limits on memory accesses To prevent user code from overwriting the kernel Timer interrupt To regain control from a user program in a loop Safe way to switch from user mode to kernel mode, and vice versa

Dual-Mode Operation Mode bit (kernel or user mode) in CPU status register (e.g., EFLAGS register in x86) When in kernel mode: execution with full privileges Read/write to any memory, access any I/O device, read/write any disk sector When in user mode: only non-privileged instructions

OS Kernel Operating System Kernel: lowest level of software running on system, with full access to all hardware fully trusted code, runs in kernel mode implementing protection i.e., reliability, security, privacy, and fair sharing of resource User process: execute privileged instructions via welldefined interface supported by kernel, i.e., system call

Privileged instructions Examples of privileged instructions perform I/O operation, e.g., read/write disk, keyboard, change set of memory locations accessible by process block interrupt, Examples of non-privileged instructions memory accessing (read, write memory location) arithmetic operations function calls, control flow instruction (jump, ) What if a user program attempts to execute a privileged instruction? a processor exception which usually triggers system to trap into kernel mode, to execute kernel code for handling this type of exception (e.g., abort the violating process)

Protection/Hardware Support: Memory Protection To user process/ program, access memory as if it is unlimited resource accessed by itself only 20

Protection/Hardware Support: Memory

Towards Virtual Addresses Problems with base and bounds?

Example int staticvar = 0; // a static variable main() { staticvar += 1; sleep(10); // sleep for x seconds printf ("static address: %x, value: %d\n", &staticvar, staticvar); } What happens if we run two instances of this program at the same time? What if we took the address of a procedure local variable in two copies of the same program running at the same time?

Protection Hardware Support: Hardware Timer Hardware device that periodically interrupts the processor Returns control to kernel handler Interrupt frequency set by the kernel Not by user code! Interrupts can be temporarily deferred Not by user code! Interrupt deferral crucial for implementing mutual exclusion

Goal today Chapter 1: what to take away? central role of OS: protection via OS kernel Process concept A process is the OS abstraction for executing a program with limited privileges Dual-mode operation: user vs. kernel Kernel-mode: execute with complete privileges User-mode: execute with fewer privileges Mode Transfer: What triggers them? Safe control transfer How do we switch from one mode to the other?

Mode Switch: User=>Kernel triggered by Interrupts Triggered by timer and I/O devices Exceptions Triggered by unexpected program behavior Or malicious behavior! System calls (aka protected procedure call) Request by program for kernel to do some operation on its behalf Only limited # of very carefully coded entry points

System Calls! Programming interface provided by OS!! Typically written in a high-level language (C or C++)!! Mostly accessed by programs via a high-level Application Program Interface (API) rather than direct system call use!! Three most common APIs are!! Win32 API for Windows,!! POSIX API for POSIX-based systems (including virtually all versions of UNIX, Linux, and Mac OS X),!! Java API for the Java virtual machine (JVM)!! Why use APIs rather than system calls?! (Note that system-call names used throughout the text are generic) 25

Standard C Library Example! C program invoking printf() library call, which calls write() system call 30

System Call Implementation Typically, a number associated with each system call! System-call interface maintains a table indexed according to these numbers! System call interface invokes intended system call in OS kernel and returns status of system call and any return values! Caller need know nothing about how the system call is implemented! Just needs to obey API and understand what OS will do as a result call! Most details of OS interface hidden from programmer by API! Managed by run-time support library (set of functions built into libraries included with compiler) 28

29 API System Call OS Relationship

System Call Parameter Passing! Often, more information is required than simply identity of desired system call!! Exact type and amount of information vary according to OS and call!! Three general methods used to pass parameters to the OS!! Simplest: pass the parameters in registers!! In some cases, may be more parameters than registers!! Parameters stored in a block, or table, in memory, and address of block passed as a parameter in a register!! This approach taken by Linux and Solaris!! Parameters placed, or pushed, onto the stack by the program and popped off the stack by the operating system!! Block and stack methods do not limit the number or length of parameters being passed 31

32

33

Question Examples of exceptions!!! Examples of system calls

Mode Switch: Kernel=>User triggered by: New process/new thread start Jump to first instruction in program/thread Return from interrupt, exception, system call Resume suspended execution Process/thread context switch Resume some other process User-level upcall (UNIX signal) Asynchronous notification to user program

Upcall: User-level event delivery Notify user process of some event that needs to be handled right away Time expiration Real-time user interface Time-slice for user-level thread manager Interrupt delivery for VM player Asynchronous I/O completion (async/await) AKA UNIX signal

Upcalls vs Interrupts Signal handlers = interrupt vector Signal stack = interrupt stack Automatic save/restore registers = transparent resume Signal masking: signals disabled while in signal handler

Before up call 38

Upcall: During

Goal today Chapter 1: what to take away? central role of OS: protection via OS kernel Process concept A process is the OS abstraction for executing a program with limited privileges Dual-mode operation: user vs. kernel Kernel-mode: execute with complete privileges User-mode: execute with fewer privileges Mode Transfer: What triggers them? Safe control transfer How do we switch from one mode to the other?

How do we take interrupts safely? Interrupt vector Limited number of entry points into kernel Atomic transfer of control Single instruction to change: Program counter Stack pointer Memory protection Kernel/user mode Transparent restartable execution User program does not know interrupt occurred

Interrupt Vector Table set up by OS kernel; pointers to code to run on different events

Interrupt Stack Per-processor, located in kernel (not user) memory Usually a process/thread has both: kernel and user stack Why can t the interrupt handler run on the stack of the interrupted user process?

Interrupt Stack

Interrupt Masking Interrupt handler runs with interrupts off Re-enabled when interrupt completes OS kernel can also turn interrupts off Eg., when determining the next process/thread to run On x86 CLI: disable interrrupts STI: enable interrupts Only applies to the current CPU (on a multicore) We ll need this to implement synchronization in chapter 5

Interrupt Handlers Non-blocking, run to completion Minimum necessary to allow device to take next interrupt Any waiting must be limited duration Wake up other threads to do any real work Linux: semaphore Rest of device driver runs as a kernel thread

Case Study: MIPS Interrupt/Trap Two entry points: TLB miss handler, everything else Save type: syscall, exception, interrupt And which type of interrupt/exception Save program counter: where to resume Save old mode, interruptable bits to status register Set mode bit to kernel Set interrupts disabled For memory faults Save virtual address and virtual page Jump to general exception handler

Case Study: x86 Interrupt Save current stack pointer Save current program counter Save current processor status word (condition codes) Switch to kernel stack; put SP, PC, PSW on stack Switch to kernel mode Vector through interrupt table Interrupt handler saves registers it might clobber

Before Interrupt

During Interrupt

After Interrupt

Question Why is the stack pointer saved twice on the interrupt stack? Hint: is it the same stack pointer?

At end of handler Handler restores saved registers Atomically return to interrupted process/ thread Restore program counter Restore program stack Restore processor status word/condition codes Switch to user mode

Kernel System Call Handler Locate arguments In registers or on user stack Translate user addresses into kernel addresses Copy arguments From user memory into kernel memory Protect kernel from malicious code evading checks Validate arguments Protect kernel from errors in user code Copy results back into user memory Translate kernel addresses into user addresses

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information