Lecture 4 Page 1 CS 111 Online Modularity and Memory Clearly, programs must have access to memory We need abstractions that give them the required access.

Slides:



Advertisements
Similar presentations
Memory Protection: Kernel and User Address Spaces  Background  Address binding  How memory protection is achieved.
Advertisements

Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?
May 7, A Real Problem  What if you wanted to run a program that needs more memory than you have?
Lecture 12 Page 1 CS 111 Online Devices and Device Drivers CS 111 On-Line MS Program Operating Systems Peter Reiher.
Memory Management Questions answered in this lecture: How do processes share memory? What is static relocation? What is dynamic relocation? What is segmentation?
Chapter 6 Limited Direct Execution
1 A Real Problem  What if you wanted to run a program that needs more memory than you have?
CMPT 300: Operating Systems I Dr. Mohamed Hefeeda
1 School of Computing Science Simon Fraser University CMPT 300: Operating Systems I Dr. Mohamed Hefeeda.
OS Fall ’ 02 Introduction Operating Systems Fall 2002.
CS 300 – Lecture 22 Intro to Computer Architecture / Assembly Language Virtual Memory.
OS Spring’03 Introduction Operating Systems Spring 2003.
Memory Management 1 CS502 Spring 2006 Memory Management CS-502 Spring 2006.
CS-3013 & CS-502, Summer 2006 Memory Management1 CS-3013 & CS-502 Summer 2006.
1 Last Class: Introduction Operating system = interface between user & architecture Importance of OS OS history: Change is only constant User-level Applications.
OS Spring’04 Introduction Operating Systems Spring 2004.
Lecture 18 Page 1 CS 111 Online Design Principles for Secure Systems Economy Complete mediation Open design Separation of privileges Least privilege Least.
Protection and the Kernel: Mode, Space, and Context.
Computer Architecture and Operating Systems CS 3230: Operating System Section Lecture OS-7 Memory Management (1) Department of Computer Science and Software.
G53SEC 1 Reference Monitors Enforcement of Access Control.
Lecture 4 Page 1 CS 111 Spring 2015 Modularity and Virtualization CS 111 Operating Systems Peter Reiher.
Three fundamental concepts in computer security: Reference Monitors: An access control concept that refers to an abstract machine that mediates all accesses.
Operating Systems Lecture 2 Processes and Threads Adapted from Operating Systems Lecture Notes, Copyright 1997 Martin C. Rinard. Zhiqing Liu School of.
Recall: Three I/O Methods Synchronous: Wait for I/O operation to complete. Asynchronous: Post I/O request and switch to other work. DMA (Direct Memory.
Operating Systems ECE344 Ashvin Goel ECE University of Toronto OS-Related Hardware.
Lecture 2 Page 1 CS 111 Summer 2015 I/O, Modularity and Virtualization CS 111 Operating System Principles Peter Reiher.
IT253: Computer Organization
CE Operating Systems Lecture 3 Overview of OS functions and structure.
Lecture 11 Page 1 CS 111 Online Memory Management: Paging and Virtual Memory CS 111 On-Line MS Program Operating Systems Peter Reiher.
G53SEC 1 Reference Monitors Enforcement of Access Control.
November 23, A Real Problem  What if you wanted to run a program that needs more memory than you have?
1 Some Real Problem  What if a program needs more memory than the machine has? —even if individual programs fit in memory, how can we run multiple programs?
Operating Systems Lecture 14 Segments Adapted from Operating Systems Lecture Notes, Copyright 1997 Martin C. Rinard. Zhiqing Liu School of Software Engineering.
Lecture 2 Page 1 CS 111 Online System Services for OSes One major role of an operating system is providing services – To human users – To applications.
Lecture 5 Page 1 CS 111 Online Processes CS 111 On-Line MS Program Operating Systems Peter Reiher.
CE Operating Systems Lecture 2 Low level hardware support for operating systems.
Operating Systems 1 K. Salah Module 1.2: Fundamental Concepts Interrupts System Calls.
Paging (continued) & Caching CS-3013 A-term Paging (continued) & Caching CS-3013 Operating Systems A-term 2008 (Slides include materials from Modern.
Processes and Virtual Memory
CE Operating Systems Lecture 2 Low level hardware support for operating systems.
Lecture 4 Page 1 CS 111 Online Modularity and Virtualization CS 111 On-Line MS Program Operating Systems Peter Reiher.
Lecture 2 Page 1 CS 111 Summer 2014 Hardware, Modularity, and Virtualization CS 111 Operating System Principles Peter Reiher.
Lecture 5 Rootkits Hoglund/Butler (Chapters 1-3).
Lecture9 Page 1 CS 236 Online Operating System Security, Con’t CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 10 Page 1 CS 111 Online Memory Management CS 111 On-Line MS Program Operating Systems Peter Reiher.
Chapter 6 Limited Direct Execution Chien-Chung Shen CIS/UD
1 Chapter 2: Operating-System Structures Services Interface provided to users & programmers –System calls (programmer access) –User level access to system.
Of Privilege, Traps, Interrupts & Exceptions Prof. Sirer CS 316 Cornell University.
Modularity Most useful abstractions an OS wants to offer can’t be directly realized by hardware Modularity is one technique the OS uses to provide better.
Introduction to Operating Systems
A Real Problem What if you wanted to run a program that needs more memory than you have? September 11, 2018.
Outline Paging Swapping and demand paging Virtual memory.
Day 08 Processes.
Day 09 Processes.
Some Real Problem What if a program needs more memory than the machine has? even if individual programs fit in memory, how can we run multiple programs?
Modularity and Memory Clearly, programs must have access to memory
Introduction to Operating Systems
CGS 3763 Operating Systems Concepts Spring 2013
Chapter 33: Virtual Machines
Morgan Kaufmann Publishers Memory Hierarchy: Virtual Memory
CSE 451: Operating Systems Autumn 2005 Memory Management
CSE 451: Operating Systems Autumn 2003 Lecture 10 Paging & TLBs
CSE451 Virtual Memory Paging Autumn 2002
CSE 451: Operating Systems Autumn 2003 Lecture 9 Memory Management
CSE 451: Operating Systems Autumn 2003 Lecture 10 Paging & TLBs
CSE 451: Operating Systems Autumn 2003 Lecture 9 Memory Management
CSE 153 Design of Operating Systems Winter 2019
Mechanism: Address Translation
Cache writes and examples
Chapter 33: Virtual Machines
Presentation transcript:

Lecture 4 Page 1 CS 111 Online Modularity and Memory Clearly, programs must have access to memory We need abstractions that give them the required access – But with appropriate safety What we’ve really got (typically) is RAM RAM is pretty nice – But it has few built-in protections So we want an abstraction that provides RAM with safety

Lecture 4 Page 2 CS 111 Online What’s the Safety Issue? We have multiple threads running Each requires some memory Modern architectures typically have one big pool of RAM How can we share the same pool of RAM among multiple processes? – Giving each what it needs – Not allowing any to harm the others

Lecture 4 Page 3 CS 111 Online Domains A simple memory abstraction Give each process access to some range of the physical memory – Its domain – Different domain for each process Allow process to read/write/execute memory in its domain And not touch any memory outside its domain

Lecture 4 Page 4 CS 111 Online Mapping Domains Program 1 Program 2 Program 3 Program 4 Processor Memory Disk Network Every process gets its own piece of memory No process can interfere with other processes’ memory

Lecture 4 Page 5 CS 111 Online What Do Domains Require? Threads will issue instructions – Perhaps using arbitrary memory addresses Only addresses in the thread’s domain should be honored – Issuing any other address should be caught as an error Can’t trust threads to police their own addresses – System must enforce that

Lecture 4 Page 6 CS 111 Online Making It Work Generally requires hardware support In a simple way, a domain register – A processor has perhaps just one – It specifies the domain associated with the thread currently using the processor – By listing the low and high addresses that bound the domain OK, so we know what the thread’s domain is Now what?

Lecture 4 Page 7 CS 111 Online The Memory Manager Hardware or software that enforces the bounds of the domain register When thread reads or writes an address, memory manager checks the domain register If within bounds, do the memory operation If not, throw an exception Only trusted code (i.e., the OS) can change the domain register

Lecture 4 Page 8 CS 111 Online Illegal Memory Reference Exceptions The exception that gets thrown when a thread asks for memory not in its domain – Giving access might screw up another program What happens then? Trap to supervisor mode – To handle the problem safely

Lecture 4 Page 9 CS 111 Online The Domain Register Concept Processor Memory Disk Network Program 1 Program 4 Domain Register All Program 1 references must be within these bounds All Program 4 references must be within these bounds Enforced by hardware

Lecture 4 Page 10 CS 111 Online Multiple Domains Limiting a process to a single domain is not too convenient The concept is easy to extend – Simply allow multiple domains per process Obvious way to handle this is with multiple domain registers – One per allocated domain

Lecture 4 Page 11 CS 111 Online The Multiple Domain Concept Program 1 Processor Memory Disk Network Domain Registers

Lecture 4 Page 12 CS 111 Online Handling Multiple Domains Programs can request more domains – But the OS must set them up What does the program get to ask for? – A specific range of addresses? – Or a domain of a particular size? Latter is easier – What if requested set of addresses are already used by another program? – Memory manager can choose a range of addresses of requested size But what if the program is written to use a specific set of addresses?

Lecture 4 Page 13 CS 111 Online Domains and Access Permissions One can typically do three types of things with a memory address – Read its contents – Write a new value to it – Execute an instruction located there System can provide useful effects if it does not allow all modes of use to all addresses Typically handled on a per-domain basis – E.g., read-only domains Requires extra bits in domain registers And other hardware support

Lecture 4 Page 14 CS 111 Online What If Program Uses a Domain Improperly? E.g., it tries to write to a read-only domain A permission error exception – Different than an illegal memory reference exception But also handled by a similar mechanism Probably want it to be handled by somewhat different code in the OS Remember discussion of trap handling in previous lecture?

Lecture 4 Page 15 CS 111 Online Do We Really Need to Switch Processes for OS Services? When we trap or make a request for a domain, must we change processes? – We lose context doing so Instead, run the OS code for the process – Which requires changing to supervisor mode – Context for process is still available But what about safety? – Use domain access modes to ensure safety We don’t do this for all OS services...

Lecture 4 Page 16 CS 111 Online Domains in Kernel Mode Allow user threads to access certain privileged domains – Such as code to handle hardware traps – Such code must be in a domain accessible to the user thread But can’t allow arbitrary access to those privileged domains A supervisor (AKA kernel) mode access bit is set on such domains – So thread only accesses them when in kernel mode

Lecture 4 Page 17 CS 111 Online How Does a Thread Get to Kernel Mode? Can’t allow thread to arbitrarily put itself in kernel mode any time – Since it might do something unsafe Instead, allow entry to kernel mode only in specific ways – In particular, only at specific instructions – These are called gates – Typically implemented in hardware using instruction like SVC (supervisor call) – Remember trapping to supervisor mode?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.