System Calls & Libraries Vivek Pai Lecture 4, COS318 Sep 25, 2001

System Calls & Libraries 2 Gedankundmathematics Recall the pointer verification case for fread( ) Can you speed up the checking process? What’s the best you could achieve? O(n)? O(logn)? O(1)? What happens if you have >32 bits? Aside: # atoms in universe = 10 80, or Does this provide any other benefits?

System Calls & Libraries 3 Mechanics Is the project workable? Has everyone started? Barring major problems, due Tuesday midnight Readings updated

System Calls & Libraries 4 Protection Issues I/O protection Prevent users from performing illegal I/Os Memory protection Prevent users from modifying kernel code and data structures CPU protection Prevent a user from using the CPU for too long

System Calls & Libraries 5 Protection Is Not Safety/Security Protection is a prerequisite Safety can be separation of concerns Security related to overall design Examples? Bad pointer access causing seg fault Sniffing cleartext passwords on the wire

System Calls & Libraries 6 Support in Modern Processors: User  Kernel User mode  Regular instructions  Access user-mode memory Kernel ( privileged ) mode  Regular instructions  Access user-mode memory An interrupt or exception ( INT ) A special instruction ( IRET )

System Calls & Libraries 7 Why a Privileged Mode? Special Instructions Mapping, TLB, etc Device registers I/O channels, etc. Mode Bits Processor features Device access

System Calls & Libraries 8 x86 Protection Rings Level 0 Level 1 Level 2 Level 3 Operating system kernel Operating system services Applications Privileged instructions Can be executed only When current privileged Level (CPR) is 0

System Calls & Libraries 9 Other Design Approaches “Capabilities” Fine-grained access control Crypto-like tokens Microkernels OS services in user space Small core “hypervisor”

System Calls & Libraries 10 Monolithic All kernel routines are together A system call interface Examples: Linux Most Unix OS NT Kernel many many things entry User program User program call return

System Calls & Libraries 11 Monolithic Pros and Cons Pros Relatively few crossings Shared kernel address space Performance Cons Flexibility Stability Experimentation

System Calls & Libraries 12 Layered Structure Hiding information at each layer Develop a layer at a time Examples THE (6 layers) MS-DOS (4 layers) Hardware Level 1 Level 2 Level N......

System Calls & Libraries 13 Layering Pros and Cons Pros Separation of concerns Simplicity / elegance Cons Boundary crossings Performance?

System Calls & Libraries 14 Microkernel Micro-kernel is “micro” Services are implemented as regular process Micro-kernel get services on behalf of users by messaging with the service processes Examples: Taos, Mach, L4  kernel entry User program Services call return

System Calls & Libraries 15 Microkernel Pros and Cons Pros Easier to develop services Fault isolation Customization Smaller kernel => easier to optimize Cons Lots of boundary crossings Really poor performance

System Calls & Libraries 16 Virtual Machine Virtual machine monitor provide multiple virtual “real” hardware run different OS codes Example IBM VM/370 virtual 8086 mode Java VMWare Bare hardware Small kernel VM1VMn... OS1OSn user

System Calls & Libraries 17 Hardware Support What is the minimal support? Can virtual machine be protected without such support? Hint: what is a Turing machine?

System Calls & Libraries 18 System Call Mechanism Kernel in protected memory entry User code can be arbitrary User code cannot modify kernel memory Makes a system call with parameters The call mechanism switches code to kernel mode Execute system call Return with results User program User program call return

System Calls & Libraries 19 Interrupt and Exceptions Interrupt Sources Hardware (by external devices) Software: INT n Exceptions Program error: faults, traps, and aborts Software generated: INT 3 Machine-check exceptions See Intel document chapter 5, volume 3 for details

System Calls & Libraries 20 Interrupt and Exceptions (1) Vector #MnemonicDescriptionType 0#DEDivide error (by zero)Fault 1#DBDebugFault/trap 2NMI interruptInterrupt 3#BPBreakpointTrap 4#OFOverflowTrap 5#BRBOUND range exceededTrap 6#UDInvalid opcodeFault 7#NMDevice not availableFault 8#DFDouble faultAbort 9Coprocessor segment overrunFault 10#TSInvalid TSS

System Calls & Libraries 21 Interrupt and Exceptions (2) Vector #MnemonicDescriptionType 11#NPSegment not presentFault 12#SSStack-segment faultFault 13#GPGeneral protectionFault 14#PFPage faultFault 15ReservedFault 16#MFFloating-point error (math fault)Fault 17#ACAlignment checkFault 18#MCMachine checkAbort 19-31Reserved User definedInterrupt

System Calls & Libraries 22 System Calls Interface between a process and the operating system kernel Categories Process management Memory management File management Device management Communication

System Calls & Libraries 23 OS Kernel: Trap Handler HW Device Interrupt HW exceptions SW exceptions System Service Call Virtual address exceptions HW implementation of the boundary System service dispatcher System services Interrupt service routines Exception dispatcher Exception handlers VM manager’s pager Sys_call_table

System Calls & Libraries 24 Passing Parameters Affects and depends on Architecture Compiler OS Different choices for different purposes

System Calls & Libraries 25 Passing Parameters - Registers Place parameters in registers # of registers # of usable registers # of parameters in system call Spill/fill code in compiler Really fast

System Calls & Libraries 26 Passing Parameters - Vector Register holds vector address Single register Vector in user’s memory Nothing horrible, just not common

System Calls & Libraries 27 Passing Parameters - Stack Place parameters on stack Similar to vector approach Stack already exists Gets copied anyway frame Top

System Calls & Libraries 28 Library Stubs for System Calls Use read( fd, buf, size) as an example: int read( int fd, char * buf, int size) { move fd, buf, size to R 1, R 2, R 3 move READ to R 0 int $0x80 move result to R result } User stack Registers User memory Kernel stack Registers Kernel memory Linux: 80 NT: 2E

System Calls & Libraries 29 System Call Entry Point User stack Registers User memory Kernel stack Registers Kernel memory Assume passing parameters in registers EntryPoint: switch to kernel stack save context check R 0 call the real code pointed by R 0 restore context switch to user stack iret (change to user mode and return)

System Calls & Libraries 30 Design & Performance Issues Can user code lie? One result register – large results? Parameters in user memory Multiprocessors

System Calls & Libraries 31 General Design Aesthetics Simplicity, obviousness Generality – same call handles many cases Composition / decomposition But: Expressiveness Performance

System Calls & Libraries 32 Separation Of Concerns Memory management Kernel allocates “pages” – hw protection Programs use malloc( ) – fine grained Kernel doesn’t care about small allocs Allocates pages to library Library handles malloc/free

System Calls & Libraries 33 Library Benefits Call overhead Chains of alloc/free don’t go to kernel Flexibility – easy to change policy Fragmentation Coalescing, free list management Easier to program

System Calls & Libraries 34 Feedback To The Program System calls, libraries are program to OS What about other direction? Various exceptional conditions General information, like screen resize When would this occur? Answer: signals