Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Operating Systems 1.1 Introduction An operating system (OS) is the system software responsible for direct control and management of basic operations of a computing system; it provides a platform upon which application programs are run. Examples of Operating System are Windows Vista, UNIX and Linux 1.2 – Hardware Basics and Protection Issues Hardware Basics. Advances in hardware technology (fueled by Moore’s Law) make the Operating Systems of today feasible. In the past, Operating Systems were constructed with little or no hardware assists, and they were slow! They worked, but slowly. The intelligent controllers mentioned earlier, make multi-programming possible. Storage hierarchies (especially cache) allow faster and faster processors to execute instructions in a single processor, von Neumann architecture. RISC architectures allow multiple instruction and/or data streams at the machine cycle level. Hardware memory managers allow address translation and fetch of contents from memory to be done quickly. These, and other hardware advances, allow multi-user, multi-process systems to function with a minimal amount of software overhead. (A first definition of OS overhead – i.e. the time spent by the OS in management tasks. CPU time is spent by the OS on behalf of processes, but the processes themselves do no work.) Protection. In the multi-user, multi-process system protection and security become critical. Processes need to be protected from each other. The OS needs to be protected from all other processes. (Almost all programmers from the MS-DOS era, remember writing a C language program that made use of pointers. We remember writing over instructions of our debugger or MS-DOS itself and “trashing” the system. The solution was simple – simply reboot. That’s not a feasible option in today’s multi-user systems.) The first line of defense in protection of OS resources and the OS itself from errant processes is the “dual mode of operation”. Using this model, certain instructions in the machine architecture are declared to be “privileged”. These always include basic I/O instructions (to controllers or memory mapped devices), the Halt instruction, timer management instructions, and interrupt processing instructions. A special hardware bit is added to the system whose binary value indicates the mode of execution. This bit is changed by the hardware itself in response to a specific software interrupt. Privileged instructions can only be executed by kernel mode instructions. User mode instructions (making up the user process itself) are executed in user mode. When the user process desires to use OS resources or to have the OS execute instructions or manage resources on its behalf, it issues what is known as a System Call. A System Call typically involves a function call from within the program, a software interrupt, a mode change, execution of kernel instructions, and a return to user mode. Many times, a number is passed to the OS along with parameter values (in registers, on the stack, or in accessible memory) to indicate which OS module to execute. Topic 1_3 will discuss the System Call interface in more detail. Security. In addition to this low level mode or protection, higher level security features provided by the OS provide defense of a system from external and internal attacks. The older, basic UNIX mechanism revolved around the assignment of id’s to a user. In UNIX/Linux systems this consisted of two numbers, a user ID (UID) and a group ID (GID). This combination of ID numbers defined the access rights of the user to his/her and other files. The Windows XP security system is more sophisticated (and harder to manage). It also is based on the idea of users and user ID’s, with the addition that every resource access managed by the OS has an associated access control list. When a process requests access to or use of such a resource, a security monitor checks the process’ security token against the access control list. In essence, each object knows which processes can access it.