CS3026 Operating Systems Lecture 03 - Homepageshomepages.abdn.ac.uk/m.j.kollingbaum/pages/teaching... · – Secure user access to data and define ownership of files and processes.

OperatingSystemArchitecture

CS3026OperatingSystemsLecture03

TheRoleofanOperatingSystem• Serviceprovider– Provideasetofservicestosystemusers

• Resourceallocator– Exploitthehardwareresourcesofoneormoreprocessorsandallocateittouserprograms

• Controlprogram– ControltheexecutionofprogramsandoperationsofI/Odevices• interruptthemtosend/receivedataviaI/Oortore-allocatehardwareresourcestootheruserprograms

• ProtectionandSecurity– Protectmultipleprogramsrunningfromeachother– Secureuseraccesstodataanddefineownershipoffilesandprocesses

OperatingSystemFunctions

ExecutionExecutionofProgramInstructions

MemoryProgram-relatedData

PersistentStorageFiles

ProgramneedsmemorytoexecuteProgramstoresdata

CoreConcepts

Virtualization“Unlimited”resourcesandprograms

ConcurrencyConcurrentExecutionofprograms

PersistenceStorageofData

VirtualizationofProcessor(processes,threads)

VirtualizationofMemory(virtualaddressspace)

Principle:ContextSwitch“AllotmentofTime”

Principle:PagingandSegmentation“AllotmentofSpace”

OperatingSystemsExecution Memory Storage

Virtualization Process,threadContext switchProcessControlBlockSwapping

VirtualmemorymanagementSegmentationFreespacemanagementPagingPagetableTLB

StoragevolumesFile system

Concurrency MutualexclusionLockingConditionvariablesSemaphoresDeadlock

Sharedmemory Locking

Persistence FilesanddirectoriesI/ODevicesHarddisk

OperatingSystemStructure

TheKernel

ProtectingtheOperatingSystemModesofOperation

• UserMode– Userprogramsexecuteinusermode

– Certainareasareprotectedfromuseraccess

– Certaininstructionsmaynotbeexecuted

• KernelMode– Operatingsystemexecutesinkernelmode

– Privilegedinstructionsmaybeexecuted

– Protectedareasofmemorymaybeaccessed

OperatingSystem

Kernel

BasicComponentsofUnixKernel

ProcessManagement

MemoryManagement

I/OManagement

VirtualMemory FileSystems

DeviceDriver

Terminals

Network

Paging/SegmentationPagereplacement

ProcesscreationProcessInterruptionProcessterminationSchedulingInter-processCommunication

SystemCallInterface

InterruptsandTraps

UtilisingHardwareResources

• Hardwaresupports– Basicinstructionexecution– Interrupthandling– Basicmemoryaddressingmechanisms– User/kernelmodeoperationforprotectingresources

• Operatingsystemmanagessoftwareconstructsbasedonthesehardwareservices– Processmanagement– Virtualmemorymanagement– Filestorageandcommunicationmanagement

TraditionalUnixKernel

SystemCalls

CallingOperatingSystemFunctions

SystemCalls

• Systemcallsaretheonlyentrypointintothekernel

• Categories– Processmanagement–Memorymanagement– Filemanagement– Devicemanagement– Communication

• Systemcallsareexecutedinkernelmode

SystemCalls• Interfacebetweena

programandtheoperatingsystemkernel– Provideaccesstooperating

systemservices• Isanexplicitrequestto

thekernelmadeviaasoftwareinterrupt

• Executedinkernelmode– Requiresamodeswitch

• Eachsystemcallisidentifiedbyasystemcallnumber SystemcallNo

ModeSwitch

SoftwareInterruptforSystemCalls

• Softwareinterruptduetosystemcalls– Modeswitchofprocessorhardware:Systemcallsonlyallowedtoexecuteinkernelmode

– Modebitmanagedbetheprocessor• Providestheabilitytodistinguishbetweenuserandkernelmode• Privilegedinstructionsonlyinkernelmode

InvokingaSystemCall• Typically,anumberisassociated

witheachsystemcall– Theprocessinvokingthesystemcall

mustpassthesystemcallnumber tothekerneltoidentifythecorrespondingsystemcallserviceroutine

• Operatingsystemmaintainsatableofpointerstosystemcallserviceroutines,systemcallnumberisindexforthistable

• Operatingsystemhandlestheinvocationoftheserviceroutineandanyreturnstatus/values

printf()SystemCallNoi

SystemCallDispatchTable

sys_write()iKernel

SystemCallHandling

• Whenaprocessrunninginusermodeinvokesasystemcall,theCPUswitchestokernelmodeandstartstheexecutionofakernelfunction

Usermode

Kernelmode

printf()

UserProgram

SystemCallNri

KernelSystemCall

DispatchTable

sys_write()i

Standardlibc library,functionprototypeinstdio.h

InvokingaSystemCallinLinux

• Linuximplementsasystemcallhandlertomanagetheinvocationofsystemcallserviceroutines

• SystemDispatchTableholdsalltheserviceroutineaddresses– SystemCallnumberisindexintothistable

int main(){

...xyz()...

}

int xyz(){

...“SYSCALL”...

}

ApplicationProgram

Wrapperroutineinlibc standardlibrary

...call sys_xyz()...“SYSEXIT”

int sys_xyz(){

...}

SystemCallHandler

SystemCallServiceRoutine

UserMode KernelMode

AssemblerinstructionswitchingCPUintoKernelModel

AssemblerinstructionswitchingCPUbackintoUserModel

SystemCallDispatchTable

PassingParameters

• Threegeneralmethods:– PassviaCPUregisters– Useamemoryblock:

• Storeparametersinmemoryinatableormemoryblock• PassaddressofthismemoryblockviaCPUregistertoserviceroutine

• ThisapproachistakenbyLinuxandSolaris– Useastack

• Userprogrampushesparametersontostack• Systemserviceroutinepopsparametersfromstack

API’sandSystemCalls• Operatingsystemsusuallycomewithalibrarythat

implementsanAPIoffunctionswrappingthesesystemcalls:– Typicallywritteninahigh-levellanguage(CorC++)

• StandardCLibrary• Unix/Linux:libc orglibc

– Usually,eachsystemcallhasacorrespondingwrapperroutine,whichanapplicationprogrammercanuseintheirprograms• E.g.:printf()

• POSIXisastandardAPIimplementedbymanykernelarchitectures:– ManyUnixkernels,Linux,MacOSX,WindowsNT

• Win32isanotherimportantAPI

KernelArchitectures

UnixKernel

KernelArchitectures

• Kernelthecoreelementofoperatingsystem• Variousdesignandimplementationapproaches–Monolithickernels– Layeredapproach–Microkernel– Kernelmodules

MonolithicKernel• Mostoperatingsystems,untilrecently,featuredalargemonolithic

kernel(mostUnixsystems,Linux)• Provide

– Scheduling– Filesystemmanagement– Networking– Devicedrivers– Memorymanagement– Etc.

• Implementedasasingleprocess– Allfunctionalcomponentssharesameaddressspace

• Benefit– Performance

• Problem– Vulnerabilitytofailureincomponents

SimpleMonolithicStructure• Earlyoperatingsystems

weremonolithic• Nowelldefinedstructure• Nolayering,notdividedinto

modules• Startedassmallandsimple

systems• Example:MS-DOS

– Developedtoprovidemostfunctionalityintheleastspace

– Levelsnotwellseparated,programscandirectlyaccessI/Odevices

IntroducingLayers• Simpleun-organisedstructuresbecameinfeasible• Introductionofalayeredapproach• Operatingsystemisdividedintoanumberoflayers(levels),eachbuiltontopoflowerlayers– Thebottomlayer(layer0)isthehardware– Thehighestlayer(layerN)istheuserinterface

• Eachlayerusesonlyfunctionsandservicesprovidedbyalowerlayer

• Allormostofthelayersoperateinkernelmode• Examples– MULTICS,VAX/VMS

LayeredApproach• ApproachusedbyoriginalUnixkernel– Minimallayering,thickmonolithiclayers,noclearseparation– circulardependencies,difficulttodebugandextend

• Betterapproach- strictlayering• Difficulty– Howtodefinelayersappropriately?– Layeringisonlypossibleifthereisastrictcallinghierarchyamongsystemcallsandnocirculardependencies

• Example– TheTCP/IPnetworkingstackisastrictlylayeredarchitecture

LayeredApproach- Problems

• Circulardependencies– Examplediskdevicedriver

• DevicedrivermayhavetowaitforI/Ocompletion,invokestheCPUschedulinglayer

• CPUmayneedtocallthedevicedrivertoswapprocessesinandouttoharddisk

• Themorelayersthemoreindirectionsfromfunctiontofunctionandthebiggertheoverheadinfunctioncalls

• Backlashagainststrictlayering:returntofewerlayerswithmorefunctionality

Microkernel• Amicrokernelisareducedoperatingsystemcorethat

containsonlyessentialOSfunctions• Idea:minimisekernelbyexecutingasmuchfunctionalityas

possibleinusermode– Runthemasconventionaluserprocesses– Processesinteractonlyviamessagepassing(IPC)

• Manyservicesarenowexternalprocesses– Devicedrivers– Filesystems– Virtualmemorymanager– Windowingsystems– Securityservicesetc.

• Example:Machoperatingsystem

MachKernel

• DevelopedatCarnegieMellonUniversity1985• Researchkernel• Variousversionsofitweredevelopedfurther–Microkernelaswellasnon-microkernelversions

• Notably– NeXTSTEP /MacOSX,FreeBSD(notamicrokernel,butprovidesmicrokernelIPCtoapplications)

• ProblemofMachkernel:IPC(Inter-ProcessCommunication)overhead

MicrokernelSystemStructure• Operatingsystemcomponentsexternaltothemicrokernelareimplementedasserverprocesses– Theseprocessesinteractviamessagepassing(IPC)

• Microkernelfacilitatesthemessageexchange– Validatesmessages– Passesmessagesbetweencomponents– Checkswhethermessagepassingispermitted

• Grantsaccesstohardware• Microkerneleffectivelyimplementsaclient-serverinfrastructureonasinglecomputer

Microkernel• Benefits– Uniforminterfaces

• Processespassmessages,nodistinctionbetweenuser-modeandkernel-modeservices,allservicesareprovidedviamessagepassingasinaclient-serverinfrastructure

– Extendibility• Easiertoextend,newservicesintroducedasnewapplications

– Portability• Onlythemicrokernelhastobeadaptedtoanewhardware

– Reliabilityandsecurity• muchlesscoderunsinkernelmode,programfailuresoccurringinusermodeexecutiondoesnotaffecttherestofthesystem

MicrokernelDesign

• Minimalfunctionalitythathastobeincludedintoamicrokernel– Low-levelmemorymanagement

• Mappingofmemorypagestophysicalmemorylocations• Allothermechanismsofmemorymanagementareprovidedbyservicesrunninginusermode– Addressspaceprotection– Pagereplacementalgorithms– Virtualmemorymanagement

– Interprocess communication(IPC)– I/Oandinterruptmanagement

SystemCallMonolithicvs MicroKernel

Microkernel• Problems– Performanceoverheadofcommunicationbetweensystemservices• Eachinteractioninvolvesthekernelandausermode/kernelmodeswitch

• Systemservicesrunninginusermodeareprocesses,operatingsystemhastoswitchbetweenthem

– Solution:reintegrationofservicesrunninginusermodebackintothekernel• Improvesperformance:lessmodeswitches,servicesintegratedinkernelshareoneaddressspace(oneprocess)

• ThiswasdonewiththeMachkernel– Solution:makekernelevensmaller– experimentalkernelarchitectures(Nano kernels,pico kernels)

ModularKernelDesign• Manyoperatingsystemsimplementkernelmodules– E.g.:Linux

• Eachcorecomponentisseparate• Communicationviadefinedinterfaces• Loadableondemand

• Modulesaresomehowahybridbetweenthelayeredandmicrokernelapproach– Cleansoftwareengineeringapproach– But:modulesareinsidethekernelspace,theydon’trequiretheoverheadofmessagepassing

– Compromisewithperformancebenefits

ModernUnixKernel

• ModernUnixkernelshaveamodulararchitecture

• Commonfacilitiesastheinnercoreofthekernel

• Restofsystemservicesaddedasmodules

• SeeLinux

ModularApproach

• MacOSX– takesahybridapproach,hasaMachkernel(microkernel)combined

withaBSDinterface– BSD(BerkeleySoftwareDistribution,sometimescalledBerkeley

Unix):providessupportforcommandlineinterface,networking,filesystem,filesystem,POSIXAPIandthreads

– Mach:memorymanagement,RemoteprocedureCall(RPC),Interprocess communication(IPC),messagepassing

BSD

Mach

ApplicationEnvironmentCommunicationServices

Kernel

OSFunctionality

• LinuxKernelMap– http://www.makelinux.net/kernel_map/

• Alsoavailableat:– http://upload.wikimedia.org/wikipedia/commons/5/5b/Linux_kernel_map.png

– http://i.imgur.com/4sftcoo.jpg

http://en.wikipedia.org/wiki/File:Unix_history-simple.svg