
Unix system calls (part 1)
• history and usage of Python
• basic data types and the type hierarchy
• syntax
• modules and variable scopes
http://codeschool.org/
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
This is one part of a larger series. You
may need to view previous parts to
understand this material.
It’s a Unix system!
1980’s: System V, BSD
today: Linux, Mac OS X, FreeBSD, OpenBSD
standards: POSIX (Portable Operating System Interface for Unix), SUS (Single Unix Specification)
Diagram: processes A, B and C share RAM with the kernel. A process cannot call kernel code directly; it jumps to the system call code via a special instruction, and the kernel dispatches through its system call table (system call 0, 1, 2, … 7, each entry paired with the address of that call’s kernel code).
Diagram: a process address space holds kernel code, a stack, heaps and code; the kernel’s pages are only accessible in system calls.
Diagram: stack space during a system call: the frame of syscall sits above the frames of fish, dog, cat and main.
Diagram: process states: created, running, waiting, blocked, terminated.
• processes
• files
• networking sockets
• signals
• inter-process communication
• terminals
• threads
• I/O devices
ssize_t read(int fd, void *buf, size_t count);
(the slides abbreviate this as read(fd))
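As an added example (not from the slides), the read signature above exercised through the raw system call numbers: syscall() is the libc helper that executes the trap instruction, so this is the “jump to system call code via special instruction” step made explicit. It assumes Linux (SYS_openat and the numbers in <sys/syscall.h> are Linux’s) and a writable /tmp; the file path and its contents are constructed for the demo, and the function names are chosen here.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Read up to len bytes from path by entering the kernel through the raw
 * system-call numbers (SYS_openat, SYS_read, SYS_close) instead of the libc
 * wrappers. syscall() executes the CPU's special trap instruction for us.
 * Assumes Linux: the numbers differ between kernels and architectures.
 * Returns the number of bytes read, or -1 on failure. */
long raw_read_file(const char *path, char *buf, size_t len)
{
    long fd = syscall(SYS_openat, AT_FDCWD, path, O_RDONLY);
    if (fd < 0)
        return -1;
    /* Same contract as ssize_t read(int fd, void *buf, size_t count):
     * the kernel may legitimately return fewer bytes than requested. */
    long n = syscall(SYS_read, (int)fd, buf, len);
    syscall(SYS_close, (int)fd);
    return n;
}

/* Write a constructed sample file with the libc wrappers, read it back with
 * the raw calls, and report whether both routes agree. 1 = match, 0 = no. */
int raw_roundtrip(const char *path)
{
    static const char sample[] = "constructed sample line\n"; /* constructed input */
    const size_t want = sizeof sample - 1;

    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0)
        return 0;
    ssize_t w = write(fd, sample, want);
    close(fd);
    if (w != (ssize_t)want)
        return 0;

    char buf[64] = {0};
    long n = raw_read_file(path, buf, sizeof buf - 1);
    unlink(path);
    return n == (long)want && memcmp(buf, sample, want) == 0;
}

/* The process id obtained via the raw number and via the wrapper must agree:
 * getpid() is nothing more than this one instruction plus a return. */
int raw_getpid_matches(void)
{
    return syscall(SYS_getpid) == (long)getpid();
}

int main(void)
{
    printf("raw getpid matches wrapper: %d\n", raw_getpid_matches());
    printf("raw read roundtrip: %d\n", raw_roundtrip("/tmp/raw_syscall_demo.txt"));
    return 0;
}
```

The point for a practitioner: the wrappers are thin, so anything that can reach the trap instruction (shellcode, a sandboxed library) can make the same calls; seccomp and similar filters therefore work on the system call number, not on the libc function name.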
process:
address space
user ids
file descriptors
environment
current and root directory
process address space, top to bottom:
kernel code
stack: starts empty, grows automatically
heap: explicitly allocated during execution
uninitialized data: global variables without initial values
initialized data: global variables with initial values
code: a.k.a. the “text”
mmap
(‘memory map’ pages to the process address space)
munmap
(‘memory unmap’ pages from the process address space)
address = mmap(5000)
… # do stuff with memory at address
munmap(address)
mmap fails when there is not enough space: it then returns MAP_FAILED instead of an address, and the caller must check for that before touching the memory. Pages are mapped whole, so a 5000-byte request maps more than 5000 bytes.
if fork() == 0:
    … // new (child) process
else:
    … // original (parent) process
Diagram: fork copies the parent’s entire address space (stack, heaps and code, byte 0 through byte n) in RAM, so the child starts as a copy of the parent.
Diagram: exec then throws away the process’s stack, heaps and code and loads fresh code from the executable on disk (HD).
if fork() == 0:
    // new (child) process
    exec(‘/games/pong’)
else:
    … // original (parent) process
Diagram: a process tree rooted at pid 1 (init), with descendants pid 17, pid 85, pid 230, pid 24, pid 104, pid 34 and pid 50.
_exit
(terminate the process)
_exit(0)
wait
(block the process until child process terminates)
pid = fork()
if pid == 0:
    // new (child) process
    exec(‘/games/pong’)
else:
    // original (parent) process
    status = wait(pid)
In real C code wait does not take a pid: wait(&status) blocks until any child terminates and stores the result through the pointer, while waitpid(pid, &status, 0) waits for one specific child; the child’s exit code is then extracted with WEXITSTATUS(status).
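The fork, exec, wait sequence as a working C program (added example, not the slides’ code): the slides’ ‘/games/pong’ is replaced by /bin/sh running a constructed command, and run_and_wait and run_sh are helper names chosen here.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Run a program in a child process and wait for it. Returns the child's exit
 * status (0-255), 128 + signal number if a signal killed it, or -1 if fork
 * or waitpid failed. 127 comes back if exec itself failed in the child. */
int run_and_wait(const char *path, char *const argv[])
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;                        /* fork failed: no child exists */

    if (pid == 0) {
        /* new (child) process: replace our image with the executable */
        execv(path, argv);
        /* only reached if exec failed; _exit avoids running the parent's
         * atexit handlers and flushing its stdio buffers a second time */
        _exit(127);
    }

    /* original (parent) process: block until *this* child terminates.
     * wait(&status) would accept any child; waitpid names one pid. */
    int status;
    if (waitpid(pid, &status, 0) != pid)
        return -1;
    if (WIFEXITED(status))
        return WEXITSTATUS(status);       /* normal termination */
    if (WIFSIGNALED(status))
        return 128 + WTERMSIG(status);    /* killed by a signal */
    return -1;
}

/* Convenience wrapper: run a constructed shell command via /bin/sh -c. */
int run_sh(const char *command)
{
    char *const argv[] = {"sh", "-c", (char *)command, NULL};
    return run_and_wait("/bin/sh", argv);
}

int main(void)
{
    printf("exit 0      -> %d\n", run_sh("exit 0"));
    printf("exit 3      -> %d\n", run_sh("exit 3"));
    printf("kill -9 $$  -> %d\n", run_sh("kill -9 $$"));
    printf("missing exe -> %d\n",
           run_and_wait("/nonexistent/pong", (char *const[]){"pong", NULL}));
    return 0;
}
```

Two details matter for robust code: a child that falls through a failed exec must _exit rather than return into the parent’s logic, and the parent must reap the child with wait or waitpid, otherwise the terminated child lingers as a zombie holding its pid.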
TERM=xterm
SHELL=/bin/bash
USER=greys
MAIL=/var/mail/ted
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
PWD=/home/ted
EDITOR=vim
name=value
Diagram: the process tree with each process’s user id: pid 1 (init) user 0; pid 17, pid 34 and pid 50 user 4; pid 85 and pid 230 user 8; pid 24 and pid 104 user 33.
user accounts: /etc/passwd
superuser/root = user id 0
privileged to do anything it wants
each process has three user ids:
“real” id: the owning user
“effective” id: determines privileges
“saved” id: set by exec to match the effective id
each file and directory is owned by a single user
exec
(sets effective and saved ids to the file owner’s id when the binary file has the setuid bit)
seteuid
(sets the effective user id)
setuid
(as superuser: sets real, effective, and saved user ids; as non-superuser: sets only the effective id)
non-superuser can only directly set the effective id to match the real or saved id
a setuid program that wants to drop privileges for good must therefore change all three ids and check that the call succeeded; an unchecked failure leaves it running with the privileges it meant to give up
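An added example, not from the slides, of the id rules above on Linux/BSD: getresuid (an extension, not part of POSIX) reads all three ids at once, and the two drop routines show why a permanent drop must be verified rather than assumed. Function and struct names are chosen here; run as root the permanent drop changes all three ids, run as an ordinary user only the effective id can move, and in both cases the checks below pass when the target is the process’s own real id.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

struct uids { uid_t real, effective, saved; };

/* Read all three ids at once. getresuid is a Linux/BSD extension; on other
 * systems only getuid/geteuid are portable and the saved id is invisible. */
int read_uids(struct uids *u)
{
    return getresuid(&u->real, &u->effective, &u->saved);
}

/* Permanent privilege drop: setuid(target), then verify that all three ids
 * really changed, because a setuid-root program that leaves the saved id at
 * 0 can seteuid(0) back at any time. Returns 0 on success, -1 if a call
 * failed, -2 if any id still differs from target. */
int drop_privileges_permanently(uid_t target)
{
    if (setuid(target) != 0)
        return -1;
    struct uids u;
    if (read_uids(&u) != 0)
        return -1;
    if (u.real != target || u.effective != target || u.saved != target)
        return -2;
    return 0;
}

/* Temporary drop, as a setuid program does around untrusted work: the
 * effective id moves to the real id and later back to the saved id. Both
 * moves are permitted to a non-superuser because the effective id may always
 * be set to the real or saved id. Returns 0 if both steps succeeded and the
 * effective id ended up equal to the saved id again. */
int drop_privileges_temporarily(void)
{
    struct uids before, after;
    if (read_uids(&before) != 0)
        return -1;
    if (seteuid(before.real) != 0)
        return -1;
    if (geteuid() != before.real)
        return -2;
    /* ... untrusted work runs here with the real user's privileges ... */
    if (seteuid(before.saved) != 0)
        return -1;
    if (read_uids(&after) != 0)
        return -1;
    return after.effective == before.saved ? 0 : -2;
}

int main(void)
{
    struct uids u;
    if (read_uids(&u) == 0)
        printf("real=%u effective=%u saved=%u\n",
               (unsigned)u.real, (unsigned)u.effective, (unsigned)u.saved);
    printf("temporary drop and restore: %d\n", drop_privileges_temporarily());
    printf("permanent drop to real uid: %d\n",
           drop_privileges_permanently(getuid()));
    return 0;
}
```

The verification step is the security-relevant part: on Linux a setuid call can fail for an ordinary user when the target id is neither the real nor the saved id, and on some kernels a privileged setuid can fail on resource limits, so code that ignores the return value may keep root without noticing.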
pid 1 (init), user 0
  fork, exec
pid 2 (login), user 0
  fork, setuid, exec
pid 3 (shell), user 1780
user groups:
/etc/group
• user may belong to multiple groups but has one “primary” group
• each file and directory is owned by one group
• each process has a real, effective, and saved group id
• executable files can carry a setgid bit, which does for the group ids what setuid does for the user ids
• setegid and setgid mirror seteuid and setuid
rwx rwx rwx
user group other
if file_user_id == effective_user_id:
    user class
else if file_group_id == effective_group_id:
    group class
else:
    other
(real systems also match the file’s group against the process’s supplementary groups, and the superuser is exempt from the read and write checks)
file permissions:
read: can read bytes of file
write: can modify bytes of file
execute: can exec file
directory permissions:
read: can get names of files
write: can add/remove/rename files
execute: can use in file paths
/adams/taft/garfield/eisenhower
to reach eisenhower the process needs execute permission on each directory along the way: /adams/, /adams/taft/ (OK), /adams/taft/garfield/
Diagram: example tree with permission bits shown as user, group, other. /adams/ is dr-xrw-r-x; its entries /adams/lincoln and /adams/cleveland and the top-level /roosevelt and /fillmore are shown with modes r-xr-xr-x, rw-r----r-x--x--x (two modes run together in extraction) and rwx------.
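The class-selection rule and the directory execute rule as one added C model (not the slides’ code): permits() implements the if/else above with the superuser bypass, and path_permits() walks a constructed tree shaped like /adams/taft/garfield/eisenhower with made-up owners and modes. It models only the effective gid, not supplementary groups, and the names are chosen here.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Constructed inode metadata: just the fields the permission check consults. */
struct inode {
    const char *name;
    uid_t owner;
    gid_t group;
    unsigned mode;   /* 9 permission bits: rwxrwxrwx for user, group, other */
    int is_dir;
};

enum { PERM_R = 4, PERM_W = 2, PERM_X = 1 };

/* The class-selection rule from the slides plus the superuser bypass:
 * user class if the effective uid owns the file, else group class if the
 * effective gid matches, else other. Returns nonzero if every bit in 'want'
 * (a mask of PERM_R/PERM_W/PERM_X) is granted. Supplementary groups are
 * deliberately not modelled here. */
int permits(const struct inode *f, uid_t euid, gid_t egid, unsigned want)
{
    unsigned shift;
    if (euid == 0)
        return 1;            /* root: privileged to do anything it wants */
    if (f->owner == euid)
        shift = 6;           /* user class */
    else if (f->group == egid)
        shift = 3;           /* group class */
    else
        shift = 0;           /* other */
    unsigned granted = (f->mode >> shift) & 7;
    return (granted & want) == want;
}

/* Path lookup: every directory on the way must be searchable (execute bit)
 * before the final entry's own bits matter. Read on a directory only lists
 * names; it does not let you traverse. 'path' is the chain of inodes from
 * the first directory down to the final entry, 'depth' its length. */
int path_permits(const struct inode *path, size_t depth,
                 uid_t euid, gid_t egid, unsigned want)
{
    for (size_t i = 0; i + 1 < depth; i++) {
        if (!path[i].is_dir || !permits(&path[i], euid, egid, PERM_X))
            return 0;
    }
    return depth > 0 && permits(&path[depth - 1], euid, egid, want);
}

/* Constructed tree modelled on /adams/taft/garfield/eisenhower:
 * every inode owned by uid 1000, group 100. */
static const struct inode demo_path[] = {
    {"adams",      1000, 100, 0755, 1},  /* rwxr-xr-x */
    {"taft",       1000, 100, 0750, 1},  /* rwxr-x--- : others cannot traverse */
    {"garfield",   1000, 100, 0711, 1},  /* rwx--x--x : listable only by owner */
    {"eisenhower", 1000, 100, 0640, 0},  /* rw-r----- */
};

int main(void)
{
    size_t n = sizeof demo_path / sizeof demo_path[0];
    printf("owner reads eisenhower:  %d\n", path_permits(demo_path, n, 1000, 100, PERM_R));
    printf("group reads eisenhower:  %d\n", path_permits(demo_path, n, 2000, 100, PERM_R));
    printf("group writes eisenhower: %d\n", path_permits(demo_path, n, 2000, 100, PERM_W));
    printf("other reads eisenhower:  %d\n", path_permits(demo_path, n, 3000, 300, PERM_R));
    printf("other lists garfield:    %d\n", permits(&demo_path[2], 3000, 300, PERM_R));
    printf("root writes eisenhower:  %d\n", path_permits(demo_path, n, 0, 0, PERM_W));
    return 0;
}
```

The garfield entry (rwx--x--x) is the pattern worth remembering: a user who knows a file name inside it can still open that file through the directory, but cannot list what else is there; hiding names is not the same as denying access.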