Transcript Lecture 5

Operating Systems
Lecture 5
Hardware Protection
OS System Overview
Read: Chapter 3
Operating System Concepts
2.1
Silberschatz, Galvin and Gagne 2002
Modified for CSCI 399, Royden, 2005
Dual-Mode Operation
• Sharing system resources requires the operating system to ensure that an incorrect program cannot cause other programs to execute incorrectly, e.g. by:
  • Writing over memory used by another program
  • Writing to the same output device at the same time
• Many O.S.'s provide hardware support to differentiate between at least two modes of operation:
  1. User mode – execution done on behalf of a user.
  2. Monitor mode (also kernel mode or system mode) – execution done on behalf of the operating system.
Dual-Mode Operation (Cont.)
• Mode bit added to computer hardware to indicate the current mode: monitor (0) or user (1).
• When an interrupt or fault occurs, the hardware switches to monitor mode.
[Figure: mode-transition diagram. An interrupt or fault moves the CPU from user mode to monitor mode; the O.S. executes "set user mode" before returning to the user program.]
Privileged instructions can be issued only in monitor mode.
System Calls
When a user program needs O.S. service, it makes a
system call.
The system call is treated as a software interrupt. The
mode switches to monitor mode. The O.S. makes sure all
the parameters are legal.
After processing the interrupt, the O.S. switches to user
mode and returns to the user process.
If a process tries to execute privileged instructions while in
user mode, the hardware generates a trap (exception).
The O.S. will usually terminate the user program (and may
generate a core dump).
I/O Protection
• A user program can disrupt the operation of a system by:
  • Issuing illegal I/O instructions
  • Accessing memory locations within the O.S.
  • Refusing to relinquish the CPU
I/O Protection:
• All I/O instructions are privileged instructions.
• Must ensure that a user program could never gain control of the computer in monitor mode (for example, a user program that, as part of its execution, stores a new address in the interrupt vector).
• All I/O is performed through system calls.
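The mode bit, the trap on a privileged instruction and the system-call path described on the last three slides, as an added simulation in C. This is example code written for these notes, not from the Silberschatz text or the CSCI 399 course: the four-instruction machine, the write handler and its 64-byte limit are all hypothetical. A user program that asks for I/O through the system call gets it (after the O.S. has checked the parameters); the same program issuing the I/O instruction directly traps and is terminated.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Mode bit exactly as on the slide: 0 = monitor (kernel), 1 = user. */
enum mode { MONITOR = 0, USER = 1 };

/* Hypothetical four-instruction machine.  OP_OUT (write to the output
 * device) and OP_LOAD_TIMER are privileged; OP_SYSCALL is the software
 * interrupt a user program uses to ask the O.S. for I/O. */
enum opcode { OP_ADD, OP_OUT, OP_LOAD_TIMER, OP_SYSCALL };

typedef struct { enum opcode op; unsigned a, b; } insn_t;

enum result { R_OK, R_TRAP_PRIVILEGED, R_SYSCALL_REJECTED };

typedef struct {
    enum mode mode;          /* the hardware mode bit */
    bool killed;             /* O.S. terminated the user program after a trap */
    unsigned bytes_written;  /* bytes the simulated output device received */
    unsigned timer;          /* value last loaded into the timer */
} cpu_t;

static bool is_privileged(enum opcode op) {
    return op == OP_OUT || op == OP_LOAD_TIMER;
}

/* Kernel-side write handler: the O.S. checks every parameter before it
 * performs the I/O on the program's behalf.  MAX_WRITE is a constructed
 * limit standing in for the real checks (valid descriptor, readable buffer). */
#define MAX_WRITE 64
static enum result os_write_handler(cpu_t *cpu, unsigned fd, unsigned len) {
    if (fd != 1 || len > MAX_WRITE)
        return R_SYSCALL_REJECTED;      /* illegal parameters: refuse */
    cpu->bytes_written += len;          /* I/O performed in monitor mode */
    return R_OK;
}

/* Execute one instruction under the dual-mode rules. */
static enum result execute(cpu_t *cpu, insn_t in) {
    if (cpu->mode == USER && is_privileged(in.op)) {
        /* Hardware raises a trap and switches to monitor mode; the O.S.
         * (as the slide says it usually does) terminates the program. */
        cpu->mode = MONITOR;
        cpu->killed = true;
        return R_TRAP_PRIVILEGED;
    }
    switch (in.op) {
    case OP_SYSCALL: {
        enum mode saved = cpu->mode;
        cpu->mode = MONITOR;                          /* software interrupt */
        enum result r = os_write_handler(cpu, in.a, in.b);
        cpu->mode = saved;                            /* back to user mode */
        return r;
    }
    case OP_OUT:        cpu->bytes_written += in.b; return R_OK; /* monitor only */
    case OP_LOAD_TIMER: cpu->timer = in.a;          return R_OK; /* monitor only */
    case OP_ADD:                                    return R_OK; /* harmless */
    }
    return R_OK;
}

/* Dispatch a user program in user mode and run it until it finishes or the
 * O.S. kills it.  Returns the number of instructions the program issued,
 * including the one that trapped. */
static size_t run_user_program(cpu_t *cpu, const insn_t *prog, size_t n) {
    cpu->mode = USER;
    size_t i;
    for (i = 0; i < n && !cpu->killed; i++)
        execute(cpu, prog[i]);
    return i;
}

int main(void) {
    /* Constructed user program: ordinary work, a legal write, an oversized
     * write the O.S. rejects, then a direct I/O instruction that traps. */
    const insn_t prog[] = {
        { OP_ADD, 1, 2 },
        { OP_SYSCALL, 1, 10 },
        { OP_SYSCALL, 1, 1000 },
        { OP_OUT, 0, 99 },
        { OP_ADD, 3, 4 },        /* never reached */
    };
    cpu_t cpu = { MONITOR, false, 0, 0 };
    size_t n = run_user_program(&cpu, prog, sizeof prog / sizeof prog[0]);
    printf("issued %zu instructions, wrote %u bytes, killed=%d, mode=%d\n",
           n, cpu.bytes_written, cpu.killed, cpu.mode);
    return 0;
}
```

The program never sees the device directly: the only way to write is through the O.S., which checks the parameters in monitor mode and drops back to user mode before returning. Once the trap fires, the mode bit stays at monitor, which is the point of the slide: the O.S. is in control, not the program that misbehaved.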
Use of A System Call to Perform I/O
Memory Protection
• Must provide memory protection at least for the interrupt vector and the interrupt service routines.
• In order to have memory protection, add two registers that determine the range of legal addresses a program may access:
  • Base register – holds the smallest legal physical memory address.
  • Limit register – contains the size of the range.
• Memory outside the defined range is protected.
Note: The O.S. in monitor mode has unrestricted access to all memory. The load instructions for the base and limit registers are privileged instructions.
Use of A Base and Limit Register
Hardware Address Protection
CPU Protection
The Operating System must protect the CPU from being taken over by a user program (e.g. one in an infinite loop).
• Timer – interrupts the computer after a specified period to ensure the operating system maintains control.
  • Timer is decremented every clock tick.
  • When the timer reaches the value 0, an interrupt occurs.
• Timer commonly used to implement time sharing.
• Timer also sometimes used to compute the current time.
• Load-timer is a privileged instruction.
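The base/limit address check of the Memory Protection slides and the timer of the CPU Protection slide, as one added simulation in C. This is example code written for these notes, not from the Silberschatz text or the CSCI 399 course; the register values, the "program" (a list of addresses it touches, one per clock tick, repeated forever) and the quantum are all constructed. It goes one step beyond the slide in one respect: the comparison base <= addr < base + limit is carried out in 64 bits, so a large limit value cannot wrap the sum around and let an address below base through.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* The two protection registers from the slide, in address units. */
typedef struct {
    uint32_t base;    /* smallest legal physical address */
    uint32_t limit;   /* size of the legal range */
} mem_regs_t;

/* The hardware address check: legal iff base <= addr < base + limit.
 * The sum is formed in 64 bits so that a large limit cannot wrap around
 * 32 bits and silently make an address below base look legal. */
static bool address_legal(const mem_regs_t *r, uint32_t addr) {
    return addr >= r->base && (uint64_t)addr < (uint64_t)r->base + r->limit;
}

enum stop_reason { STOP_TIMER, STOP_ADDR_TRAP };

typedef struct {
    enum stop_reason reason;  /* why control came back to the O.S. */
    uint32_t ticks;           /* clock ticks the program actually used */
} run_result_t;

/* Dispatch a user "program" given as the memory addresses it touches, one
 * per clock tick, cycling forever (the infinite loop of the slide).  The
 * O.S. loads the timer with `quantum` ticks first (load-timer is privileged,
 * so only it can); the hardware decrements the timer every tick and raises
 * an interrupt at zero, so control returns to the O.S. whatever the program
 * does.  Any access outside [base, base + limit) traps at once and the O.S.
 * regains control early. */
static run_result_t run_user_program(const mem_regs_t *regs, uint32_t quantum,
                                     const uint32_t *addrs, size_t n) {
    run_result_t res = { STOP_TIMER, 0 };
    uint32_t timer = quantum;            /* privileged load-timer, done by O.S. */
    if (quantum == 0 || n == 0)
        return res;                      /* nothing to run: O.S. keeps control */
    for (size_t i = 0; ; i = (i + 1) % n) {
        if (!address_legal(regs, addrs[i])) {
            res.reason = STOP_ADDR_TRAP; /* hardware trap -> monitor mode */
            return res;
        }
        res.ticks++;                     /* instruction executed */
        if (--timer == 0)
            return res;                  /* timer interrupt -> monitor mode */
    }
}

int main(void) {
    mem_regs_t regs = { 0x1000, 0x400 };                   /* legal: 0x1000..0x13FF */
    const uint32_t loop[]  = { 0x1000, 0x1004, 0x1008 };   /* stays in range */
    const uint32_t stray[] = { 0x1000, 0x1004, 0x2000 };   /* third access is illegal */

    run_result_t a = run_user_program(&regs, 5, loop, 3);
    run_result_t b = run_user_program(&regs, 5, stray, 3);
    printf("loop:  reason=%d ticks=%u\n", a.reason, a.ticks);
    printf("stray: reason=%d ticks=%u\n", b.reason, b.ticks);
    return 0;
}
```

The looping program cannot hold the CPU past its quantum, and the straying one loses the CPU on its first out-of-range access; in both cases the O.S. is back in monitor mode and decides what happens next.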
Common System Components
An operating system is a large, complex program. It must be subdivided into smaller pieces to manage it. Common components of an operating system include:
• Process Management
• Main Memory Management
• File Management
• I/O System Management
• Secondary-Storage Management
• Networking
• Protection System
• Command-Interpreter System
Process Management
• A process is a program in execution. A process needs certain resources, including CPU time, memory, files, and I/O devices, to accomplish its task.
• The operating system is responsible for the following activities in connection with process management:
  • Process creation and deletion.
  • Process suspension and resumption.
  • Provision of mechanisms for:
    • process synchronization
    • process communication
    • handling deadlocks
Main Memory Management
Programs must be mapped to absolute addresses and loaded into memory.
• The executing program must have access to instructions and data from main memory by generating absolute addresses.
The operating system is responsible for the following activities in connection with memory management:
• Keep track of which parts of memory are currently being used and by whom.
• Decide which processes to load when memory space becomes available.
• Allocate and deallocate memory space as needed.
File Management
• A file is a collection of related information defined by its creator. Commonly, files represent programs (both source and object forms) and data.
• The operating system is responsible for the following activities in connection with file management:
  • File creation and deletion.
  • Directory creation and deletion.
  • Support of primitives for manipulating files and directories.
  • Mapping files onto secondary storage.
  • File backup on stable (nonvolatile) storage media.
I/O System and Secondary Storage Management
I/O Management
• The I/O system consists of:
  • Memory management: a buffer-caching system
  • A general device-driver interface
  • Drivers for specific hardware devices
Secondary Storage Management
• The operating system is responsible for the following activities in connection with disk management:
  • Free space management
  • Storage allocation
  • Disk scheduling
Networking
The O.S. handles communication between computers on a network through protocols:
• ftp: File transfer protocol
• http: Hypertext transfer protocol
The O.S. must manage communication and access to shared resources.
Protection System
• Protection refers to a mechanism for controlling access by programs, processes, or users to both system and user resources.
• The protection mechanism must:
  • distinguish between authorized and unauthorized usage.
  • specify the controls to be imposed.
  • provide a means of enforcement.
The Command-Interpreter System
• The command interpreter is the interface between the user and the system.
• In UNIX, it is the shell.
• Its function is to get and execute the next instruction.
• Many commands are given to the operating system by control statements which deal with:
  • process creation and management
  • I/O handling
  • secondary-storage management
  • main-memory management
  • file-system access
  • protection
  • networking
Operating System Services
• Program execution – system capability to load a program into memory and to run it.
• I/O operations – since user programs cannot execute I/O operations directly, the operating system must provide some means to perform I/O.
• File-system manipulation – program capability to read, write, create, and delete files.
• Communications – exchange of information between processes executing either on the same computer or on different systems tied together by a network. Implemented via shared memory or message passing.
• Error detection – ensure correct computing by detecting errors in the CPU and memory hardware, in I/O devices, or in user programs.
Additional O.S. functions
Additional functions exist not for helping the user, but
rather for ensuring efficient system operations.
• Resource allocation – allocating resources to
multiple users or multiple jobs running at the same
time.
• Accounting – keep track of and record which
users use how much and what kinds of computer
resources for account billing or for accumulating
usage statistics.
• Protection – ensuring that all access to system
resources is controlled.