Transcript Introductions - 清華大學資訊工程學系

CS1356 資訊工程導論
Operating Systems
國立清華大學資訊工程學系
2016/3/27
How does a computer start
executing?
Simple Answer
• The program counter is initiated with a
particular address in a special memory
when the computer is powered on
– That address is start of a (special) program
 to bring up other programs and the system
– But DRAM is volatile!
– So, we use read-only memory (ROM)
3
Suppose the computer runs
only one program …
Full control of everything, e.g. CPU
Manage everything
Suppose the computer runs
many programs …
•How do they get executed?
•How do they get the most
important resource – the CPU?
Grabbing the CPU
• In a single-processor computer, only one
CPU to be shared by all programs
• Who can get the microphone?
(analogy by 資工四年清班張明禾)
6
We Need a Chairperson!
• The chairperson decides
who gets the microphone
to speak next
• Two ways to schedule:
– Let each speaker talk until he/she finishes
– “Interrupts” the speaker to get back the
microphone and turn to another speaker
 time sharing
7
Chairperson Can Do More
• Which portion of blackboard
a speaker can write?
 memory management
Chairperson is OS
• Who can use 幻燈機 (projector)?
– Why not operated by chairperson?
– Device driver and management
8
What Is a System?
• A set of interacting, interdependent
entities forming an integrated whole.
– From Wikipedia
• Five components
– Hardware
– Software
– Data
– Procedure
– User
User
Software
System
Data
Procedure
Hardware
9
Software Classification
(Fig. 3.3)
• Operating system is one kind of software
10
Operating Systems
• One kind of software that controls the
overall operation of a computer
– Unix, Sun Solaris
– Linux: Ubuntu, Redhat, ...
– Microsoft Windows
– Apple Mac OS X
– Google Chrome OS
11
Outline
•
•
•
•
Components and functions
Process management
Handling competition for resources
Security
12
Components and Functions
Shell, kernel, file manager,
device drivers, memory manager,
bootstrapping, scheduler, dispatcher
13
Components of OS
• For user: shell, privilege control (security)
• For data: file manager
• For hardware: device manager, memory
manager, and boot manager
• For software:
– Where to store: file manger, registry
– How to execute: scheduler, process manager
14
How about Procedure?
• OS needs to define a set of rules or
working flows for users and hardware/
software developers.
– For example, you need to double click an icon
to open a program or a file.
– Design a simple yet useful procedure for a
complicated system is not an easy job.
– This is for books like “How to use computers?”
to talk about
15
Shell
• Shell: an interface between users and the
operating system
– Text based: 命令提示字元
– Graphical user interface
(GUI)
• Windows, icons, menus,
pointers (WIMP)
• Window manager
(Fig. 3.4)
16
File Manager
• File manager: organizes and maintains
the records of files in mass storages
• Hierarchical structure
– Directory (or folder), directory path
• File descriptor
– File name, extension, size, updated
date, permissions, attributes, …
• File operations
– Copy, paste, creation, open…
17
Device Manager
• Communicate with the controllers/devices
– Drive the corresponding peripheral devices
– Each device driver is uniquely designed for its
particular type of device
18
Memory Manager
• Coordinates the use of memory
• Suppose computer runs only one program
– The program can use any part of the main
memory (i.e., DRAM)
– What if the program is larger than the memory?
 store only the
needed portion
– Who makes the move?
19
Memory Manager
• Suppose computer runs many programs at
the same time
– What if programs are larger than the memory?
– Which program uses which part of the memory?
– How to protect they from each other?
All done by OS!
20
Virtual Memory
• Create the illusion of a memory space
much larger than physical memory. How?
– Store only needed portion in memory and the
remaining in disks
– Shuffle portions between memory and disks
– Program uses virtual address, while OS does
the mapping
• Paging: memory is grouped into pages to
facilitate the mapping and shuffling
21
Example of Paging
• There are 8 pages; each is of 4KB
– Main memory is of size 16KB (4 pages)
– Programs use virtual Page 0
Page 1
address to access
Page 2
data and code
Page 3
– OS does the mapping Page 4
and paging
Page 5
Main memory
Page 6
Page 7
Disk
Virtual address
22
Get It Started: Bootstrapping
• Loader: a special program places machine
programs to main memory for execution
– Think about the problem 2 of homework 3
– Usually part of the OS’s scheduler
• Who loads the OS to memory?
– A “special memory” that contains a “program”
to load the OS after computer is powered on.
Read-only memory (ROM)
Bootstrap
23
The Booting Process
The program counter is initiated with a particular
address in ROM where the bootstrap is stored
24
BIOS and Firmware
• The bootstrap program and other basic
input/output functions are contained in a
special ROM, called BIOS (basic
input/output system)
• A program stored in ROM is called
firmware
– Hardware or software?
25
Process Management
History, today, and future
26
A Program vs. a Process
• Program: a set of instructions, e.g.,
notepad.c, notepad.exe
• Process: activity of executing a program
• A program can be run multiple times, each
instance/activity called a process
• Interprocess communication
– The communication between processes (may
from running one or more programs)
27
Evolution of Computers
• Batch processing
• Interactive processing: requires real-time
processing
• Time-sharing/multitasking: implemented by
multiprogramming
• New challenges: multicore processors,
and small devices
28
Batch Processing
FIFO: first in first serve
29
Interactive Processing
Text editing, music/movie playing, …
30
Time-sharing/Multitasking
• Time-sharing between process A and
process B
(Fig. 3.6)
31
Context (Process State)
• Snapshot of current status of a process
–
–
–
–
A process identifier, or PID
Register values, Program Counter value
The memory space, I/O, files for the process
Can be saved and resumed as if the process is not
interrupted
• Another meaning: execution state of the process
– Ready: ready for execution
– Waiting: waiting for some I/O
– Complete: finished process
32
Scheduler
• Determines which processes should be
considered for execution based on some
priorities or concerns
– Using process table for administration
• Process table
– Ready or waiting
– Priority
– Non-scheduling information: memory pages,
etc.
33
Dispatcher
• Gives time slices to a process that is ready
• Executes a context switch when the
running process’s time slice is over
– Time slice: a time segment for each execution
– Interrupt: the signal generated by a hardware
timer to indicate the end of a time slice.
– The interrupt handler (part of dispatcher)
starts after the interrupt to perform context
switch
34
Context Switch
(process switch)
1. Get an interrupt from timer
2. Go to the interrupt handler
a. Save the context of process A
b. Find a process ready to run
(Assume that is process B)
c. Load the context of process B
3. Start (continue) process B
35
Thread
• A task existing within a process
that allows multiple independent
instances to be executed concurrently
– Multiple threads share resources such as
memory, program code, …
– Each thread has its own program counter,
registers, and stack (local memory)
• The context switch of threads is much
faster than that of processes
36
Exercises
• Suppose an OS allocates time slices in 10
millisecond units and the time required for a
context switch is negligible. How many
processes can obtain a time slice is one
second?
• If it takes one microsecond to perform a context
switch and processes use only half of their
allotted 10 millisecond time slices, what percent
of a CPU’s time is spent performing context
switches rather than executing processes?
37
New Challenges
• Multicore processor
– A processing system composed of two or
more independent cores (or CPUs), which
share resources, such as memory.
• Embedded systems, small devices
– A computer system designed to perform one
or a few dedicated functions, often with realtime computing constraints.
38
Multiprocessor Machines
Processor 1
Processor 3
Processor 2
Processor 4
Task 1
Task 4
Task 7
Task 2
Task 5
Task 8
Task 3
Task 6
Task 9
• How to assign tasks to processors?
– Load balance problem
• How to use processors to handle one task?
– Parallelization, scaling problem
39
OS for Small Devices
• Embedded systems, PDA, mp3 player, cell
phone, GPS,…
– Limited storage, limited power,
– Usually has real time requirement
• Turkey system: store all programs and
data in a persistent memory
– No BIOS and program loader
40
Handling Competition for
Resources
41
Competition for Resources
• What are resources?
– CPU, memory, files, peripheral devices, …
• In a multitasking system, resources are
shared by processes
• Some resources should not be
employed by more than one process
simultaneously
– E.g., printer
42
Handling Competitions
• Define critical regions
– Critical Region: A group of instructions that
should be executed by only one process at a
time
– Mutual exclusion: Requirement for proper
implementation of a critical region
43
First Algorithm
• Use a flag (a global memory address)
– flag=1: the critical region is occupied
– flag=0: no process is in the critical region
• Problem:
Process A
if (flag == 0) {
flag = 1;
/*critical region*/
}
Context switch to A
Process B
Context switch to B
if (flag == 0) {
flag = 1;
/*critical region*/
}
– Both processes get into the critical region
44
Solutions
• Testing&setting the flag must be
completed w/o interruption (atomic)
1. Use disable_Interrupt() to Diable_Interrupt();
if (flag == 0) {
flag = 1;
prevent context switch
Enable_Interrupt();
/ *critical region*/
during the flag test and
}
set process.
Enable_Interrupt();
2. A machine instruction called “test-and-set”
which cannot be interrupted
• Semaphore: a properly implemented flag
45
Another Problem: Deadlock
• Example:
– A is in critical region 1, and waits to enter
critical region 2
– B is in critical region 2, and waits to enter
critical region 1
Context switch to A
Process A
if (test_set(flag1)) {
/*critical region 1*/
while(!test_set(flag2));
/*critical region 2*/
}
Process B
Context switch to B
if (test_set(flag2)) {
/*critical region 2*/
while (!test_set(flag1));
/*critical region 1*/
}
46
Conditions for Deadlock
1. Competition for non-sharable resources
2. Resources requested on a partial basis
3. Allocated resources cannot be forcibly
retrieved
4. Circular wait
Remove any one of the
conditions can resolve
the deadlock.
47
Solutions
Which condition is removed?
1. Kill one of the process
2. Processes need to request all the
required resources at one time
3. Spooling
• For example, stores the data to be printed
and waits the printer available
4. Divide a file into pieces so that it can be
altered by different processes
48
Exercises
• There is a bridge that only allows one car
to pass. When two cars meet in the
middle, it causes “deadlock”. The following
solutions remove which conditions
– Do not let a car onto the bridge until the
bridge is empty.
– If cars meet, make one of them back up.
– Add a second lane to the bridge.
• What’s the drawback of solution 1?
49
Security
50
Security
• Attacks
– Malware
– Spyware and
phishing
– Adware and spam
– Abnormal behaviors
• Defenses
– User management
• Privilege control
– Protections
• Antivirus software
• Auditing software
• Firewall, spam filter
– Encryption
51
Malware
• Infect programs/computers, erase
data, slowdown performance…
• Types
– Virus: attached to an existing program
– Worm: a stand alone program
– Trojan horse: disguised as valid files or
programs
52
Spyware and Phishing
• Spyware: collects information about users
without their knowledge.
– Keylogger: log the keys struck on a keyboard
– Login sniffing: simulates the login process to
get valid user name and password.
– Network sniffing: intercept network messages
• Phishing: acquires information by
masquerading as a trustworthy
entity in an electronic communication.
53
Adware and Spam
• Adware: automatically plays, displays, or
downloads advertisements to a computer
after the software is installed on it or while
the application is being used.
• Spam: sends unsolicited bulk messages
indiscriminately.
– Email spam
54
Abnormal Behaviors
• Dictionary attack: trying passwords
derived from a list of words in a dictionary.
• Denial of service attack: overloading a
computer (server) with messages to make
a computer resource unavailable to its
intended users.
• Spoofing attack: masquerading as a party
other than one’s self
55
User Management
• To protect the computer’s resource from
access by unauthorized personnel.
• User authentication process:
– Username, password, fingerprint, …
• Super user / administrator / root
– A kind of user having higher privilege to
control machines and operating system.
56
Privilege Control
• To prevent malicious programs to execute
dangerous instructions.
• Privilege levels:
– Nonprivilege mode: only “safe” instructions
• For example, to access some part of memory.
– Privilege mode: all kinds of instructions
• Those instructions that can be only executed in the
privilege mode are called privilege instructions.
57
Protections
• Antivirus software: detecting and
removing the presence of known viruses
and other infections.
• Auditing software: detecting and
preventing abnormal situations
• Firewall: filtering messages passing
through computers.
– Spam filter: firewall for email spam
58
Related Courses
• Operation system
– 作業系統，計算機系統管理，平行程式
• Security
– 計算機系統管理，密碼與網路安全概論
References
• http://www.wikipedia.org/
• Textbook chap3, sec 4.5 (security)
59