Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Kernel Abstraction

Published byJuliana ter Linde Modified over 5 years ago

Similar presentations

Presentation on theme: "The Kernel Abstraction"— Presentation transcript:

1 The Kernel Abstraction
Operating System, Fall 2015 Fordham Unv.,

2 Last week The roles of OS in computer system
Review of hardware: a simple, conceptual understanding of computer organization CPU: stored program computer Memory: register, main memory, cache, disk, … device controller, interrupt, device driver I/O mode: busy waiting, interrupt driven History of OS: batch system => multiprogramming => timesharing (Why to do research!) Debugging. You’ll spend 50% of your time debugging. So get great at it. Think of it as a machine: how do you optimize the speed at which you can identify bugs and fix them? First, gain a clear understanding of the problem and the solution before you start coding. I mention this here because you’ll start debugging with assignment 1, so good to shake off the rust this week.

3 Timesharing Operating System
Multiprogramming: organizes programs (code and data) so CPU always has one to execute Timesharing (multitasking) goes one step further CPU switches processes so frequently that users can interact with each process while it is running, creating interactive computing 7

4 Goal today Chapter 1: what to take away?
central role of OS: protection via OS kernel Process concept A process is the OS abstraction for executing a program with limited privileges Dual-mode operation: user vs. kernel Kernel-mode: execute with complete privileges User-mode: execute with fewer privileges Mode Transfer: What triggers them? Safe control transfer How do we switch from one mode to the other? (Why to do research!) Debugging. You’ll spend 50% of your time debugging. So get great at it. Think of it as a machine: how do you optimize the speed at which you can identify bugs and fix them? First, gain a clear understanding of the problem and the solution before you start coding. I mention this here because you’ll start debugging with assignment 1, so good to shake off the rust this week.

5 Take-away from Chapter 1
Design pattern studied in OS is applicable to many different systems design pattern: a general reusable solution to a commonly occurring problem within a given context in software design. formalized best practices that the programmer can use to solve common problems when designing an application or system. not a finished design that can be transformed directly into source or machine code. a description or template for how to solve a problem that can be used in many different situations. Patterns are (Why to do research!) Debugging. You’ll spend 50% of your time debugging. So get great at it. Think of it as a machine: how do you optimize the speed at which you can identify bugs and fix them? First, gain a clear understanding of the problem and the solution before you start coding. I mention this here because you’ll start debugging with assignment 1, so good to shake off the rust this week.

6 OS and Web browser Common problems in the two (Why to do research!)
Debugging. You’ll spend 50% of your time debugging. So get great at it. Think of it as a machine: how do you optimize the speed at which you can identify bugs and fix them? First, gain a clear understanding of the problem and the solution before you start coding. I mention this here because you’ll start debugging with assignment 1, so good to shake off the rust this week.

7 The life of a program OK, so you compile your program into an executable image with instructions and data. Which of these is the program? How does it start running? Well, if its Javascript – no compilation step! Just interprets the source code. If its Android, then its compiled into a byte code that is interpreted in software – well, actually, interpreted into short snippets of instructions, with jumps back into the interpreter when done. If it’s attu, then compiled into x86 instructions. What’s to keep the process from overwriting the OS kernel? Or some other process running at the same time? What’s to keep it from overwriting the disk? From reading someone else’s files that are stored on disk?

8 Challenge: Protection
How do we execute code with restricted privileges? Either because the code is buggy or if it might be malicious Some examples: A script running in a web browser A program you just downloaded off the Internet A program you just wrote that you haven’t tested yet Not just about OS’es; not just bugs

9 OS Role of Protection Protection: isolation of potentially misbehaving app. and users so that they do not corrupt other apps and OS In order to achieve: reliability: provide reliable environment security – defense against internal and external attacks: denial-of-service, worms, viruses, identity theft, theft of service privacy: fair resource allocation We are going to study the first illusion OS creates 14

10 Multiprogramming and Process
(a) Multiprogramming of four programs. (b) Conceptual model of four independent, sequential processes. (c) Only one program is active at once.

11 Process Abstraction Process: an instance of a program, running with limited rights Limited rights: Address space: Memory that the process can access Access of other resources? what files, I/O can be read/write/execute? Execution states: CPU registers state kernel variables (i.e., Process Control Table entry) Thread: a sequence of instructions within a process Potentially many threads per process (for now 1:1)

12 A process’s Address Space
In class demo: hand-trace a program’s execution Stack (Function Call Stack, Execution Stack): used to keep track of function calls Heap: where dynamic variables are allocated from (via new, delete, malloc, free) Data: global variables Text: program code (in machine code)

13 Single and Multithreaded Processes
In a multithread process: there are be multiple threads of execution sharing program code global variables open files each has its own calling stack: registers (PC, …) values Why multi-threaded programming? * To take advantage of multi-core CPU, or multi-processors * Application needs: e.g., web server

14 Protection: How? How can we implement execution with limited privilege? A thought experiment Execute each program instruction in a simulator If the instruction is permitted, do the instruction Otherwise, stop the process Basic model in Javascript and other interpreted languages How do we go faster? Run unprivileged code directly on CPU! Run privileged code through OS kernel Upsides? Downsides to this approach? Essentially what you do in Javascript in a browser – simulate the execution of the script, one line at a time.

15 Goal today Chapter 1: what to take away?
central role of OS: protection via OS kernel Process concept A process is the OS abstraction for executing a program with limited privileges Dual-mode operation: user vs. kernel Kernel-mode: execute with complete privileges User-mode: execute with fewer privileges Safe control transfer How do we switch from one mode to the other? (Why to do research!) Debugging. You’ll spend 50% of your time debugging. So get great at it. Think of it as a machine: how do you optimize the speed at which you can identify bugs and fix them? First, gain a clear understanding of the problem and the solution before you start coding. I mention this here because you’ll start debugging with assignment 1, so good to shake off the rust this week.

16 Protection: Hardware Support
Dual Mode and Privileged instructions Privileged instructions only available to kernel User program (untrusted code) access privileged instructions via system call (user program calling kernel) Limits on memory accesses To prevent user code from overwriting the kernel Timer interrupt To regain control from a user program in a loop Safe way to switch from user mode to kernel mode, and vice versa

17 When in kernel mode: execution with full privileges
Dual-Mode Operation Mode bit (kernel or user mode) in CPU status register (e.g., EFLAGS register in x86) When in kernel mode: execution with full privileges Read/write to any memory, access any I/O device, read/write any disk sector When in user mode: only non-privileged instructions Obviously, you need the part that has full rights to be really reliable!

18 fully trusted code, runs in kernel mode implementing protection
OS Kernel Operating System Kernel: lowest level of software running on system, with full access to all hardware fully trusted code, runs in kernel mode implementing protection i.e., reliability, security, privacy, and fair sharing of resource User process: execute privileged instructions via well-defined interface supported by kernel, i.e., system call Obviously, you need the part that has full rights to be really reliable!

19 Privileged instructions
Examples of privileged instructions perform I/O operation, e.g., read/write disk, keyboard, … change set of memory locations accessible by process block interrupt, … Examples of non-privileged instructions memory accessing (read, write memory location) arithmetic operations function calls, control flow instruction (jump, …) What if a user program attempts to execute a privileged instruction? a processor exception which usually triggers system to trap into kernel mode, to execute kernel code for handling this type of exception (e.g., abort the violating process) Change mode bit in EFLAGs register! Change which memory locations a user program can access Send commands to I/O devices Read data from/write data to I/O devices Jump into kernel code

20 Protection/Hardware Support: Memory Protection
To user process/program , access memory as if it is unlimited resource accessed by itself only

21 Protection/Hardware Support: Memory
Second thing

22 Towards Virtual Addresses
Problems with base and bounds? Expandable heap? Expandable stack? Memory sharing between processes? Non-relative addresses – hard to move memory around Memory fragmentation

23 Example int staticVar = 0; // a static variable main() {
sleep(10); // sleep for x seconds printf ("static address: %x, value: %d\n", &staticVar, staticVar); } What happens if we run two instances of this program at the same time? What if we took the address of a procedure local variable in two copies of the same program running at the same time? Because of stack address munging on modern systems (to prevent viruses), if you use a procedure local variable, won’t get the same result – different addresses used by different instances

24 Protection Hardware Support: Hardware Timer
Hardware device that periodically interrupts the processor Returns control to kernel handler Interrupt frequency set by the kernel Not by user code! Interrupts can be temporarily deferred Interrupt deferral crucial for implementing mutual exclusion How do I stop a runaway program? How do I know if a runaway program needs to be stopped, or its just taking a long time?

25 Goal today Chapter 1: what to take away?
central role of OS: protection via OS kernel Process concept A process is the OS abstraction for executing a program with limited privileges Dual-mode operation: user vs. kernel Kernel-mode: execute with complete privileges User-mode: execute with fewer privileges Mode Transfer: What triggers them? Safe control transfer How do we switch from one mode to the other? (Why to do research!) Debugging. You’ll spend 50% of your time debugging. So get great at it. Think of it as a machine: how do you optimize the speed at which you can identify bugs and fix them? First, gain a clear understanding of the problem and the solution before you start coding. I mention this here because you’ll start debugging with assignment 1, so good to shake off the rust this week.

26 Mode Switch: User=>Kernel
triggered by Interrupts Triggered by timer and I/O devices Exceptions Triggered by unexpected program behavior Or malicious behavior! System calls (aka protected procedure call) Request by program for kernel to do some operation on its behalf Only limited # of very carefully coded entry points Might work better starting with interrupts!

27 System Calls Programming interface provided by OS
Typically written in a high-level language (C or C++) Mostly accessed by programs via a high-level Application Program Interface (API) rather than direct system call use Three most common APIs are Win32 API for Windows, POSIX API for POSIX-based systems (including virtually all versions of UNIX, Linux, and Mac OS X), Java API for the Java virtual machine (JVM) Why use APIs rather than system calls? (Note that system-call names used throughout the text are generic) 25

28 Standard C Library Example
C program invoking printf() library call, which calls write() system call 30

29 System Call Implementation
Typically, a number associated with each system call System-call interface maintains a table indexed according to these numbers System call interface invokes intended system call in OS kernel and returns status of system call and any return values Caller need know nothing about how the system call is implemented Just needs to obey API and understand what OS will do as a result call Most details of OS interface hidden from programmer by API Managed by run-time support library (set of functions built into libraries included with compiler) 28

30 API – System Call – OS Relationship
29

31 System Call Parameter Passing
Often, more information is required than simply identity of desired system call Exact type and amount of information vary according to OS and call Three general methods used to pass parameters to the OS Simplest: pass the parameters in registers In some cases, may be more parameters than registers Parameters stored in a block, or table, in memory, and address of block passed as a parameter in a register This approach taken by Linux and Solaris Parameters placed, or pushed, onto the stack by the program and popped off the stack by the operating system Block and stack methods do not limit the number or length of parameters being passed 31

32

33

34 Question Examples of exceptions Examples of system calls

35 Mode Switch: Kernel=>User
triggered by: New process/new thread start Jump to first instruction in program/thread Return from interrupt, exception, system call Resume suspended execution Process/thread context switch Resume some other process User-level upcall (UNIX signal) Asynchronous notification to user program

36 Upcall: User-level event delivery
Notify user process of some event that needs to be handled right away Time expiration Real-time user interface Time-slice for user-level thread manager Interrupt delivery for VM player Asynchronous I/O completion (async/await) AKA UNIX signal

37 Upcalls vs Interrupts Signal handlers = interrupt vector
Signal stack = interrupt stack Automatic save/restore registers = transparent resume Signal masking: signals disabled while in signal handler

38 Before up call

39 Upcall: During

40 Goal today Chapter 1: what to take away?
central role of OS: protection via OS kernel Process concept A process is the OS abstraction for executing a program with limited privileges Dual-mode operation: user vs. kernel Kernel-mode: execute with complete privileges User-mode: execute with fewer privileges Mode Transfer: What triggers them? Safe control transfer How do we switch from one mode to the other? (Why to do research!) Debugging. You’ll spend 50% of your time debugging. So get great at it. Think of it as a machine: how do you optimize the speed at which you can identify bugs and fix them? First, gain a clear understanding of the problem and the solution before you start coding. I mention this here because you’ll start debugging with assignment 1, so good to shake off the rust this week.

41 How do we take interrupts safely?
Interrupt vector Limited number of entry points into kernel Atomic transfer of control Single instruction to change: Program counter Stack pointer Memory protection Kernel/user mode Transparent restartable execution User program does not know interrupt occurred

42 Interrupt Vector Table set up by OS kernel; pointers to code to run on different events Note: by “processor register” I do not mean %eax. Rather – these are special purpose registers.

43 Interrupt Stack Per-processor, located in kernel (not user) memory
Usually a process/thread has both: kernel and user stack Why can’t the interrupt handler run on the stack of the interrupted user process? What goes in a stack frame? Frame pointer Locals Return address

44 Interrupt Stack Lots of complexity on this slide. Let’s unpack:
Every process/thread has two stacks. When the process is running, does the kernel stack have anything useful on it? You might think yes – it called into the user program. But actually no – the user program doesn’t return from main. Need to change this to add “crt0.s” – main returns to crt0.s, and then calls exit. Best to think of this as multiple personality disorder: sometimes we want to save context, other times not! When a process is ready to run, but not running – it has its user stack as before, but now I also need a place to store the state that had been in the CPU when it stopped running When a process is waiting for I/O, it had done a system call, etc.

45 Interrupt Masking Interrupt handler runs with interrupts off
Re-enabled when interrupt completes OS kernel can also turn interrupts off Eg., when determining the next process/thread to run On x86 CLI: disable interrrupts STI: enable interrupts Only applies to the current CPU (on a multicore) We’ll need this to implement synchronization in chapter 5

46 Interrupt Handlers Non-blocking, run to completion
Minimum necessary to allow device to take next interrupt Any waiting must be limited duration Wake up other threads to do any real work Linux: semaphore Rest of device driver runs as a kernel thread Skip this slide – too much for the students to get

47 Case Study: MIPS Interrupt/Trap
Two entry points: TLB miss handler, everything else Save type: syscall, exception, interrupt And which type of interrupt/exception Save program counter: where to resume Save old mode, interruptable bits to status register Set mode bit to kernel Set interrupts disabled For memory faults Save virtual address and virtual page Jump to general exception handler

48 Case Study: x86 Interrupt
Save current stack pointer Save current program counter Save current processor status word (condition codes) Switch to kernel stack; put SP, PC, PSW on stack Switch to kernel mode Vector through interrupt table Interrupt handler saves registers it might clobber

49 Before Interrupt Why does the stack pointer on the x86 have two components?

50 During Interrupt

51 After Interrupt

52 Question Why is the stack pointer saved twice on the interrupt stack?
Hint: is it the same stack pointer?

53 At end of handler Handler restores saved registers
Atomically return to interrupted process/thread Restore program counter Restore program stack Restore processor status word/condition codes Switch to user mode

54 Kernel System Call Handler
Locate arguments In registers or on user stack Translate user addresses into kernel addresses Copy arguments From user memory into kernel memory Protect kernel from malicious code evading checks Validate arguments Protect kernel from errors in user code Copy results back into user memory Translate kernel addresses into user addresses

Download ppt "The Kernel Abstraction"

Similar presentations

Operating System Structures

Operating System Structures
More on Processes Chapter 3. Process image _the physical representation of a process in the OS _an address space consisting of code, data and stack segments.

More on Processes Chapter 3. Process image _the physical representation of a process in the OS _an address space consisting of code, data and stack segments.
Chap 2 System Structures.

Chap 2 System Structures.
The Kernel Abstraction. Debugging as Engineering Much of your time in this course will be spent debugging – In industry, 50% of software dev is debugging.

The Kernel Abstraction. Debugging as Engineering Much of your time in this course will be spent debugging – In industry, 50% of software dev is debugging.
The Kernel Abstraction. Challenge: Protection How do we execute code with restricted privileges? – Either because the code is buggy or if it might be.

The Kernel Abstraction. Challenge: Protection How do we execute code with restricted privileges? – Either because the code is buggy or if it might be.
CMPT 300: Operating Systems I Dr. Mohamed Hefeeda

CMPT 300: Operating Systems I Dr. Mohamed Hefeeda
Architectural Support for OS March 29, 2000 Instructor: Gary Kimura Slides courtesy of Hank Levy.

Architectural Support for OS March 29, 2000 Instructor: Gary Kimura Slides courtesy of Hank Levy.
Operating System Support Focus on Architecture

Operating System Support Focus on Architecture
OS Spring’03 Introduction Operating Systems Spring 2003.

OS Spring’03 Introduction Operating Systems Spring 2003.
OS Spring’04 Introduction Operating Systems Spring 2004.

OS Spring’04 Introduction Operating Systems Spring 2004.
Processes in Unix, Linux, and Windows CS-502 Fall 20071 Processes in Unix, Linux, and Windows CS502 Operating Systems (Slides include materials from Operating.

Processes in Unix, Linux, and Windows CS-502 Fall Processes in Unix, Linux, and Windows CS502 Operating Systems (Slides include materials from Operating.
CSE 451: Operating Systems Autumn 2013 Module 6 Review of Processes, Kernel Threads, User-Level Threads Ed Lazowska 570 Allen.

CSE 451: Operating Systems Autumn 2013 Module 6 Review of Processes, Kernel Threads, User-Level Threads Ed Lazowska 570 Allen.
System Calls 1.

System Calls 1.
Protection and the Kernel: Mode, Space, and Context.

Protection and the Kernel: Mode, Space, and Context.
Chapter 2: Operating-System Structures. 2.2 Silberschatz, Galvin and Gagne ©2005 Operating System Concepts Chapter 2: Operating-System Structures Operating.

Chapter 2: Operating-System Structures. 2.2 Silberschatz, Galvin and Gagne ©2005 Operating System Concepts Chapter 2: Operating-System Structures Operating.
Operating Systems ECE344 Ashvin Goel ECE University of Toronto OS-Related Hardware.

Operating Systems ECE344 Ashvin Goel ECE University of Toronto OS-Related Hardware.
Lecture 3 Process Concepts. What is a Process? A process is the dynamic execution context of an executing program. Several processes may run concurrently,

Lecture 3 Process Concepts. What is a Process? A process is the dynamic execution context of an executing program. Several processes may run concurrently,
Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 2: Operating-System Structures.

Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 2: Operating-System Structures.
Hardware process When the computer is powered up, it begins to execute fetch-execute cycle for the program that is stored in memory at the boot strap entry.

Hardware process When the computer is powered up, it begins to execute fetch-execute cycle for the program that is stored in memory at the boot strap entry.
1 CSE451 Architectural Supports for Operating Systems Autumn 2002 Gary Kimura Lecture #2 October 2, 2002.

1 CSE451 Architectural Supports for Operating Systems Autumn 2002 Gary Kimura Lecture #2 October 2, 2002.

Similar presentations

Ads by Google