os note
TRANSCRIPT
System Calls & Libraries
Vivek Pai
Lecture 4, COS318
Sep 25, 2001
System Calls & Libraries 2
GedankundmathematicsRecall the pointer verification case for fread( ) Can you speed up the checking process? What’s the best you could achieve? O(n)?
O(logn)? O(1)? What happens if you have >32 bits?
Aside: # atoms in universe = 1080, or 2256
Does this provide any other benefits?
System Calls & Libraries 3
Mechanics Is the project workable?
Has everyone started? Barring major problems, due Tuesday
midnight Readings updated
System Calls & Libraries 4
Protection Issues I/O protection
Prevent users from performing illegal I/Os Memory protection
Prevent users from modifying kernel code and data structures
CPU protection Prevent a user from using the CPU for too
long
System Calls & Libraries 5
Protection Is Not Safety/Security Protection is a prerequisite Safety can be separation of concerns Security related to overall design
Examples? Bad pointer access causing seg fault Sniffing cleartext passwords on the wire
System Calls & Libraries 6
Support in Modern Processors:User Kernel
User modeRegular instructionsAccess user-mode memory
Kernel (privileged) modeRegular instructionsAccess user-mode memory
An interrupt or exception (INT)
A special instruction (IRET)
System Calls & Libraries 7
Why a Privileged Mode? Special Instructions
Mapping, TLB, etc Device registers I/O channels, etc.
Mode Bits Processor features
Device access
System Calls & Libraries 8
x86 Protection Rings
Level 0
Level 1
Level 2
Level 3
Operating systemkernel
Operating systemservices
Applications
Privileged instructionsCan be executed onlyWhen current privilegedLevel (CPR) is 0
System Calls & Libraries 9
Other Design Approaches “Capabilities”
Fine-grained access control Crypto-like tokens
Microkernels OS services in user space Small core “hypervisor”
System Calls & Libraries 10
Monolithic All kernel routines
are together A system call
interface Examples:
Linux Most Unix OS NT
Kernelmany many things
entry
Userprogram
Userprogram
call
return
System Calls & Libraries 11
Monolithic Pros and ConsPros Relatively few crossings Shared kernel address space Performance
Cons Flexibility Stability Experimentation
System Calls & Libraries 12
Layered Structure Hiding information at
each layer Develop a layer at a
time Examples
THE (6 layers) MS-DOS (4 layers) Hardware
Level 1
Level 2
Level N...
System Calls & Libraries 13
Layering Pros and ConsPros Separation of concerns Simplicity / elegance
Cons Boundary crossings Performance?
System Calls & Libraries 14
Microkernel Micro-kernel is “micro” Services are
implemented as regular process
Micro-kernel get services on behalf of users by messaging with the service processes
Examples: Taos, Mach, L4
kernel
entry
Userprogram
Services
call
return
System Calls & Libraries 15
Microkernel Pros and ConsPros Easier to develop services Fault isolation Customization Smaller kernel => easier to optimize
Cons Lots of boundary crossings Really poor performance
System Calls & Libraries 16
Virtual Machine Virtual machine monitor
provide multiple virtual “real” hardware
run different OS codes
Example IBM VM/370 virtual 8086 mode Java VMWare Bare hardware
Small kernel
VM1 VMn. . .
OS1 OSn
user user
System Calls & Libraries 17
Hardware Support
What is the minimal support? Can virtual machine be protected without such
support?
Hint: what is a Turing machine?
System Calls & Libraries 18
System Call Mechanism
Kernel inprotected memory
entry
User code can be arbitrary User code cannot modify
kernel memory Makes a system call with
parameters The call mechanism switches
code to kernel mode Execute system call Return with results
Userprogram
Userprogram
call
return
System Calls & Libraries 19
Interrupt and Exceptions Interrupt Sources
Hardware (by external devices) Software: INT n
Exceptions Program error: faults, traps, and aborts Software generated: INT 3 Machine-check exceptions
See Intel document chapter 5, volume 3 for details
System Calls & Libraries 20
Interrupt and Exceptions (1)Vector # Mnemonic Description Type
0 #DE Divide error (by zero) Fault
1 #DB Debug Fault/trap
2 NMI interrupt Interrupt
3 #BP Breakpoint Trap
4 #OF Overflow Trap
5 #BR BOUND range exceeded Trap
6 #UD Invalid opcode Fault
7 #NM Device not available Fault
8 #DF Double fault Abort
9 Coprocessor segment overrun Fault
10 #TS Invalid TSS
System Calls & Libraries 21
Interrupt and Exceptions (2)
Vector # Mnemonic Description Type
11 #NP Segment not present Fault
12 #SS Stack-segment fault Fault
13 #GP General protection Fault
14 #PF Page fault Fault
15 Reserved Fault
16 #MF Floating-point error (math fault) Fault
17 #AC Alignment check Fault
18 #MC Machine check Abort
19-31 Reserved
32-255 User defined Interrupt
System Calls & Libraries 22
System Calls
Interface between a process and the operating system kernel
Categories Process management Memory management File management Device management Communication
System Calls & Libraries 23
OS Kernel: Trap Handler
HW Device Interrupt
HW exceptions
SW exceptions
System Service Call
Virtual address exceptions
HW implementation of the boundary
System service dispatcher System
services
Interrupt service routines
Exception dispatcher
Exception handlers
VM manager’s pager
Sys_call_table
System Calls & Libraries 24
Passing Parameters Affects and depends on
Architecture Compiler OS
Different choices for different purposes
System Calls & Libraries 25
Passing Parameters - RegistersPlace parameters in registers # of registers # of usable registers # of parameters in system call Spill/fill code in compiler
Really fast
System Calls & Libraries 26
Passing Parameters - VectorRegister holds vector address Single register Vector in user’s memory Nothing horrible, just not common
System Calls & Libraries 27
Passing Parameters - StackPlace parameters on stack Similar to vector approach Stack already exists Gets copied anyway
frame
frame
Top
System Calls & Libraries 28
Library Stubs for System Calls Use read( fd, buf, size) as
an example:int read( int fd, char * buf, int
size)
{
move fd, buf, size to R1, R2,
R3
move READ to R0
int $0x80
move result to Rresult
}
Userstack
Registers
Usermemory
Kernelstack
Registers
Kernelmemory
Linux: 80NT: 2E
System Calls & Libraries 29
System Call Entry Point
Userstack
Registers
Usermemory
Kernelstack
Registers
Kernelmemory
Assume passing parameters in registersEntryPoint:
switch to kernel stack
save context
check R0
call the real code pointed by R0
restore context
switch to user stack
iret (change to user mode and return)
System Calls & Libraries 30
Design & Performance Issues Can user code lie? One result register – large results? Parameters in user memory Multiprocessors
System Calls & Libraries 31
General Design Aesthetics Simplicity, obviousness Generality – same call handles many cases Composition / decomposition
But: Expressiveness Performance
System Calls & Libraries 32
Separation Of ConcernsMemory management Kernel allocates “pages” – hw protection Programs use malloc( ) – fine grained Kernel doesn’t care about small allocs
Allocates pages to library Library handles malloc/free
System Calls & Libraries 33
Library Benefits Call overhead
Chains of alloc/free don’t go to kernel Flexibility – easy to change policy
Fragmentation Coalescing, free list management
Easier to program
System Calls & Libraries 34
Feedback To The Program System calls, libraries are program to OS What about other direction?
Various exceptional conditions General information, like screen resize
When would this occur?
Answer: signals