Download Protection of System Resources

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts

Acorn MOS wikipedia , lookup

RSTS/E wikipedia , lookup

CP/M wikipedia , lookup

Spring (operating system) wikipedia , lookup

Burroughs MCP wikipedia , lookup

VS/9 wikipedia , lookup

Library (computing) wikipedia , lookup

Unix security wikipedia , lookup

Process management (computing) wikipedia , lookup

DNIX wikipedia , lookup

Transcript
Protection of System Resources




I/O Devices
Memory
CPU
Based on different modes of operation:



kernel mode and user mode.
Privileged instructions can be issued only in kernel
mode.
Mode bit in PSW, checked on every instruction.
Protection of I/O Devices


All I/O instructions are privileged instructions.
Only accessed through system calls.
Memory Protection



Must provide memory protection for the interrupt
vector, interrupt service routines, and other
applications address space.
Two registers that determine the range of legal
addresses a program may access:
 Base register – holds the smallest legal physical
memory address.
 Limit register – contains the size of the range
Memory outside the defined range is
protected.
Use of A Base and Limit
Register
Hardware Address Protection
CPU (and OS) Protection


Keep user from monopolizing CPU.
Ensure OS regains control of CPU.
CPU Protection

Timer – interrupts computer after specified
period to ensure operating system maintains
control.



Timer is decremented every clock tick.
When timer reaches the value 0, an interrupt
occurs.
Timer commonly used to implement
time sharing.
Privileged Instructions

Load base and limit registers?
Privileged Instructions


Load base and limit registers?
Set the system timer?
Privileged Instructions



Load base and limit registers?
Set the system timer?
Read the system clock?
Privileged Instructions




Set the system timer?
Read the system clock?
Load base and limit registers?
Open a file?
Privileged Instructions





Load base and limit registers?
Set the system timer?
Read the system clock?
Open a file?
Compile a program and create executable?
Privileged Instructions






Load base and limit registers?
Set the system timer?
Read the system clock?
Open a file?
Compile a program and create executable?
Enable/disable interrupts?
System Calls





Interface between executing program and OS defined by set of
system calls OS provides.
System call causes a TRAP to switch from user to kernel mode
and starts execution at interrupt vector location for TRAP
instruction.
Operating system looks at requested operation and any
parameters passed by the application.
Dispatches the correct system call handler through a table of
pointers to system call handlers.
Handler completes and (may) return to user code at the next
instruction. OS may schedule another process to execute.
System Call Interface



Example: num_bytes = read(file, buffer, nbytes) ;
Note: application level read is a library call, and the
library call invokes the read system call.
Code is inserted by the compiler to perform steps
necessary for call to library.
System Calls
Steps 1-3: Push parameters onto the stack.
Step 4. Calls read library function.
Step 5. Library puts system call number in register
(or other pre-defined location).
Step 6: Executes a TRAP instruction switching to kernel
mode.
Step 7. OS retrieves system call request and calls handler
(generally via a table indexed by system call number).
Step 8. System call handler executes system call.
Step 9. Call completes, may return to user level-level
library call at instruction immediately following TRAP
instruction. Count set to –1 if call failed or to
number of bytes actually read if successful.
Step 10. Library procedure returns to user program.
Step 11. User program resets stack pointer to clean
up library call.
System Calls for Process Management

Process Creation:





fork() system call.
Creates an exact duplicate of the calling process including all
variables, file descriptors, registers ……..
fork returns the process ID of child to the parent (pid), and
returns a zero to child.
After completion, two independent processes executing
“concurrently”.
The parent can choose to wait for the child process to
complete before resuming its execution.
Unix fork()
#include <stdio.h>
main(int argc, char *argv[])
{ int pid, j,k ;
j = 10 ;
k = 32 ;
pid = fork() ;
if (pid == 0) /*I am the child*/
{ Do childish things }
else /* I am the parent */
wait(NULL) ;
}
/* Block execution until
child terminates */
j = 10
k =32
pid = ?
fork()
j = 10
j = 10
k =32
k = 32
pid =
pid = 0
Set to pid of child.
Processes Tree on a UNIX System