th Ed by Silberschatz, Galvin and Gagne
By Andrew DeNicola, BU ECE Class of 2012
Figures Copyright John Wiley & Sons 2012
Ch.1 - Introduction
An OS is a program that acts as an intermediary between a user of a computer and the computer hardware
Goals: Execute user programs, make the computer system easy to use, utilize hardware efficiently
Computer system: Hardware + OS + Applications + Users (+ = "uses")
OS is:
Resource allocator: decides between conflicting requests for efficient and fair resource use
Control program: controls execution of programs to prevent errors and improper use of computer
Kernel: the one program running at all times on the computer
Bootstrap program: loaded at power-up or reboot
Stored in ROM or EPROM (known as firmware), initializes all aspects of system, loads OS kernel and starts execution
I/O and CPU can execute concurrently
Device controllers inform CPU that it is finished w/ operation by causing an interrupt
Interrupt transfers control to the interrupt service routine generally, through the interrupt vector, which contains the addresses of all the service routines
Incoming interrupts are disabled while another interrupt is being processed
Trap is a software generated interrupt caused by error or user request
OS determines which type of interrupt has occurred by polling or the vectored interrupt system
System call: request to the operating system to allow user to wait for I/O completion
Device-status table: contains entry for each I/O device indicating its type, address, and state
OS indexes into the I/O device table to determine device status and to modify the table entry to include interrupt
Storage structure:
Main memory - random access, volatile
Secondary storage - extension of main memory that provides large non-volatile storage
Disk - divided into tracks which are subdivided into sectors. Disk controller determines logical interaction between the device and the computer.
Caching - copying information into faster storage system
Multiprocessor Systems: Increased throughput, economy of scale, increased reliability
Can be asymmetric or symmetric
Clustered systems - Linked multiprocessor systems
Multiprogramming - Provides efficiency via job scheduling
When OS has to wait (ex: for I/O), switches to another job
Timesharing - CPU switches jobs so frequently that each user can interact with each job while it is running (interactive computing)
Dual-mode operation allows OS to protect itself and other system components - User mode and kernel mode
Some instructions are only executable in kernel mode, these are privileged
Single-threaded processes have one program counter, multi-threaded processes have one PC per thread
Protection - mechanism for controlling access of processes or users to resources defined by the OS
Security - defense of a system against attacks
User IDs (UID), one per user, and Group IDs, determine which users and groups of users have which privileges
Ch.2 OS Structures
User Interface (UI) - Can be Command-Line (CLI) or Graphics User Interface (GUI) or Batch
These allow for the user to interact with the system services via system calls (typically written in C/C++)
Other system services that are helpful to the user include: program execution, I/O operations, file-system manipulation, communications, and error detection
Services that exist to ensure efficient OS operation are: resource allocation, accounting, protection and security
Most system calls are accessed by Application Program Interface (API) such as Win32, POSIX, Java
Usually there is a number associated with each system call
System call interface maintains a table indexed according to these numbers
Parameters may need to be passed to the OS during a system call, may be done by: passing in registers, address of parameter stored in a block, pushed onto the stack by the program and popped off by the OS
Block and stack methods do not limit the number or length of parameters being passed
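As an added illustration of the system-call number and register-passing mechanism described above (this is not code from the study guide or the textbook), the following Linux C program invokes two system calls through their table numbers with the glibc `syscall()` helper and compares the result with the ordinary libc wrapper. The path `/nonexistent-path-for-demo` is a constructed name that is assumed not to exist.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Invoke a system call through its number in the kernel's table rather than
 * through the libc wrapper.  syscall(2) places the number and the arguments
 * in registers and traps into the kernel, exactly as the wrapper would. */
long raw_getpid(void) {
    return syscall(SYS_getpid);
}

/* Same mechanism with parameters: the directory fd, the path pointer, the
 * flags and the mode travel in registers; the kernel copies the path string
 * out of user memory itself.  Returns errno on failure (ENOENT expected for
 * the constructed path), 0 if the open unexpectedly succeeded. */
int raw_open_missing(void) {
    long fd = syscall(SYS_openat, AT_FDCWD, "/nonexistent-path-for-demo", O_RDONLY, 0);
    if (fd < 0)
        return errno;         /* syscall() already mapped -errno to -1 + errno */
    close((int)fd);
    return 0;
}

/* The libc wrapper and the raw call reach the same kernel entry. */
int wrapper_matches_raw(void) {
    return (long)getpid() == raw_getpid();
}

int main(void) {
    printf("getpid() = %ld, raw = %ld, match = %d\n",
           (long)getpid(), raw_getpid(), wrapper_matches_raw());
    printf("openat on missing path -> errno %d (ENOENT is %d)\n",
           raw_open_missing(), ENOENT);
    return 0;
}
```

Running it under `strace` shows the same two entries the kernel's table is indexed by, whichever path the program took to reach them.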
Process control system calls include: end, abort, load, execute, create/terminate process, wait, allocate/free memory
File management system calls include: create/delete file, open/close file, read, write, get/set attributes
Device management system calls: request/release device, read, write, logically attach/detach devices
Information maintenance system calls: get/set time, get/set system data, get/set process/file/device attributes
Communications system calls: create/delete communication connection, send/receive, transfer status information
OS Layered approach:
The operating system is divided into a number of layers (levels), each built on top of lower layers. The bottom layer (layer 0) is the hardware; the highest (layer N) is the user interface
With modularity, layers are selected such that each uses functions (operations) and services of only lower-level layers
Virtual machine: uses layered approach, treats hardware and the OS kernel as though they were all hardware. Host creates the illusion that a process has its own processor and own virtual memory
Each guest provided with a "virtual" copy of the underlying computer
Application failures can generate core dump file capturing memory of the process
Operating system failure can generate crash dump file containing kernel memory
Ch.3 Processes
Process contains a program counter, stack, and data section.
Text section: program code itself
Stack: temporary data (function parameters, return addresses, local variables)
Data section: global variables
Heap: contains memory dynamically allocated during run-time
Process Control Block (PCB): contains information associated with each process: process state, PC, CPU registers, scheduling information, accounting information, I/O status information
Types of processes:
I/O Bound: spends more time doing I/O than computations, many short CPU bursts
CPU Bound: spends more time doing computations, few very long CPU bursts
When CPU switches to another process, the system must save the state of the old process (to PCB) and load the saved state (from PCB) for the new process via a context switch
Time of a context switch is dependent on hardware
Parent processes create children processes (form a tree)
PID allows for process management
Parents and children can share all/some/none resources
Parents can execute concurrently with children or wait until children terminate
fork() system call creates new process
exec() system call used after a fork to replace the process' memory space with a new program
Cooperating processes need interprocess communication (IPC): shared memory or message passing
Message passing may be blocking or non-blocking
Blocking is considered synchronous
Blocking send has the sender block until the message is received
Blocking receive has the receiver block until a message is available
Non-blocking is considered asynchronous
Non-blocking send has the sender send the message and continue
Non-blocking receive has the receiver receive a valid message or null
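The fork()/wait() and blocking message-passing ideas above, put together in one added C example (written for these notes, not taken from the textbook): the parent creates a child with fork(), sends it a request over a pipe, and then blocks in read() until the child's reply is available; the child exits with a status the parent collects with waitpid(). The request text and the exit status 7 are constructed for the demo.

```c
#define _GNU_SOURCE
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Parent -> child request on one pipe, child -> parent reply on a second pipe.
 * Both read() calls are blocking receives: they return only when data arrives
 * (or the writer closes its end).  Returns the child's exit status or -1. */
int pipe_roundtrip(const char *request, char *reply, size_t reply_len) {
    int to_child[2], to_parent[2];
    if (pipe(to_child) < 0 || pipe(to_parent) < 0) return -1;

    pid_t pid = fork();                       /* returns twice: 0 in the child */
    if (pid < 0) return -1;

    if (pid == 0) {                           /* child: a copy of the parent's image */
        char buf[128];
        close(to_child[1]); close(to_parent[0]);
        ssize_t n = read(to_child[0], buf, sizeof buf - 1);   /* blocks for the request */
        if (n < 0) _exit(1);
        for (ssize_t i = 0; i < n; i++)
            buf[i] = (char)toupper((unsigned char)buf[i]);   /* the "service": upper-case it */
        if (write(to_parent[1], buf, (size_t)n) < 0) _exit(1);
        _exit(7);                             /* constructed status the parent will see */
    }

    /* parent */
    close(to_child[0]); close(to_parent[1]);
    if (write(to_child[1], request, strlen(request)) < 0) return -1;
    close(to_child[1]);                       /* child's read() returns once the data is in */
    ssize_t n = read(to_parent[0], reply, reply_len - 1);   /* blocking receive of the reply */
    if (n < 0) n = 0;
    reply[n] = '\0';
    close(to_parent[0]);

    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;   /* parent waits for the child to terminate */
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Convenience check: 1 if the round trip produced "HELLO" and exit status 7. */
int demo_ok(void) {
    char reply[64];
    int status = pipe_roundtrip("hello", reply, sizeof reply);
    return status == 7 && strcmp(reply, "HELLO") == 0;
}

int main(void) {
    char reply[64];
    int status = pipe_roundtrip("hello from parent", reply, sizeof reply);
    printf("reply=\"%s\" child exit status=%d\n", reply, status);
    return 0;
}
```

A non-blocking variant would set O_NONBLOCK on the pipe descriptors, in which case read() returns -1 with errno EAGAIN instead of waiting, matching the "valid message or null" behaviour in the notes.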
Ch.4 Threads
Threads are fundamental unit of CPU utilization that forms the basis of multi-threaded computer systems
Process creation is heavy-weight while thread creation is light-weight
Can simplify code and increase efficiency
Kernels are generally multi-threaded
Multi-threading models include: Many-to-One, One-to-One, Many-to-Many
Many-to-One: Many user-level threads mapped to single kernel thread
One-to-One: Each user-level thread maps to kernel thread
Many-to-Many: Many user-level threads mapped to many kernel threads
Thread library provides programmer with API for creating and managing threads
Issues include: thread cancellation, signal handling (synchronous/asynchronous), handling thread-specific data, and scheduler activations.
Cancellation:
Asynchronous cancellation terminates the target thread immediately
Deferred cancellation allows the target thread to periodically check if it should be canceled
Signal handler processes signals generated by a particular event, delivered to a process, handled
Scheduler activations provide upcalls - a communication mechanism from the kernel to the thread library.
Allows application to maintain the correct number of kernel threads
Ch.5 CPU Scheduling
Process execution consists of a cycle of CPU execution and I/O wait
CPU scheduling decisions take place when a process:
Switches from running to waiting (nonpreemptive)
Switches from running to ready (preemptive)
Switches from waiting to ready (preemptive)
Terminates (nonpreemptive)
The dispatcher module gives control of the CPU to the process selected by the short-term scheduler
Dispatch latency - the time it takes for the dispatcher to stop one process and start another
Scheduling algorithms are chosen based on optimization criteria (ex: throughput, turnaround time, etc.)
FCFS, SJF, Shortest-Remaining-Time-First (preemptive SJF), Round Robin, Priority
Determining length of next CPU burst: Exponential Averaging:
1. t_n = actual length of nth CPU burst
2. τ_{n+1} = predicted value for the next CPU burst
3. α, 0 ≤ α ≤ 1 (commonly α set to 1/2)
4. Define: τ_{n+1} = α·t_n + (1 - α)·τ_n
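An added C example (not from the study guide or the textbook) that exercises the scheduling ideas in this chapter together: the exponential-averaging predictor of step 4, the average waiting time under FCFS versus non-preemptive SJF, and a Round Robin run that counts dispatches so the effect of the time quantum on context switches is visible. All burst lengths are constructed sample values and every job is assumed to arrive at time 0.

```c
#include <stdio.h>
#include <string.h>

#define MAX_JOBS 16

/* Exponential averaging: tau_{n+1} = alpha * t_n + (1 - alpha) * tau_n.
 * Walks the burst history and returns the prediction for the next burst. */
double predict_next_burst(const double *bursts, int n, double alpha, double tau0) {
    double tau = tau0;
    for (int i = 0; i < n; i++)
        tau = alpha * bursts[i] + (1.0 - alpha) * tau;
    return tau;
}

/* Average waiting time when the jobs run back to back in the given order. */
static double avg_wait_in_order(const double *bursts, const int *order, int n) {
    double clock = 0.0, total_wait = 0.0;
    for (int k = 0; k < n; k++) {
        total_wait += clock;              /* a job waits for everything dispatched before it */
        clock += bursts[order[k]];
    }
    return total_wait / n;
}

double avg_wait_fcfs(const double *bursts, int n) {
    int order[MAX_JOBS];
    for (int i = 0; i < n; i++) order[i] = i;     /* arrival order */
    return avg_wait_in_order(bursts, order, n);
}

/* Non-preemptive SJF: shortest burst first (selection sort of the indices). */
double avg_wait_sjf(const double *bursts, int n) {
    int order[MAX_JOBS];
    for (int i = 0; i < n; i++) order[i] = i;
    for (int i = 0; i < n - 1; i++)
        for (int j = i + 1; j < n; j++)
            if (bursts[order[j]] < bursts[order[i]]) {
                int t = order[i]; order[i] = order[j]; order[j] = t;
            }
    return avg_wait_in_order(bursts, order, n);
}

typedef struct { double avg_wait; int dispatches; } rr_result;

/* Round Robin.  With every job arriving at time 0, cycling over the jobs that still
 * have work left is exactly the ready-queue order.  Each time slice is one dispatch,
 * so the number of context switches is dispatches - 1. */
rr_result run_rr(const double *bursts, int n, double quantum) {
    double rem[MAX_JOBS], clock = 0.0, total_wait = 0.0;
    rr_result r = {0.0, 0};
    int done = 0;
    memcpy(rem, bursts, sizeof(double) * (size_t)n);
    while (done < n) {
        for (int i = 0; i < n; i++) {
            if (rem[i] <= 0.0) continue;
            double slice = rem[i] < quantum ? rem[i] : quantum;
            clock += slice;
            rem[i] -= slice;
            r.dispatches++;
            if (rem[i] <= 0.0) { done++; total_wait += clock - bursts[i]; } /* wait = turnaround - burst */
        }
    }
    r.avg_wait = total_wait / n;
    return r;
}

/* constructed sample inputs */
static const double BURST_HISTORY[] = {6, 4, 6, 4, 13, 13, 13};
static const double JOBS[] = {6, 8, 7, 3};
static const double RR_JOBS[] = {24, 3, 3};

double demo_prediction(void)        { return predict_next_burst(BURST_HISTORY, 7, 0.5, 10.0); }
double demo_fcfs(void)              { return avg_wait_fcfs(JOBS, 4); }
double demo_sjf(void)               { return avg_wait_sjf(JOBS, 4); }
int    demo_rr_dispatches(double q) { return run_rr(RR_JOBS, 3, q).dispatches; }
double demo_rr_wait(double q)       { return run_rr(RR_JOBS, 3, q).avg_wait; }

int main(void) {
    printf("predicted next burst (alpha=0.5, tau0=10): %.2f\n", demo_prediction());
    printf("avg wait FCFS=%.2f  SJF=%.2f\n", demo_fcfs(), demo_sjf());
    for (double q = 1; q <= 30; q *= 4)
        printf("RR quantum=%g: dispatches=%d avg wait=%.2f\n", q, demo_rr_dispatches(q), demo_rr_wait(q));
    return 0;
}
```

With the quantum at 1 the three jobs need 30 dispatches; with the quantum at 30 (longer than every burst) Round Robin degenerates to FCFS with 3 dispatches, which is the trade-off the 80% rule of thumb in the notes is balancing.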
Priority Scheduling can result in starvation, which can be solved by aging a process (as time progresses, increase the priority)
In Round Robin, small time quantums can result in large amounts of context switches
Time quantum should be chosen so that 80% of processes have shorter burst times than the time quantum
Multilevel Queues and Multilevel Feedback Queues have multiple process queues that have different priority levels
In the Feedback queue, priority is not fixed - Processes can be promoted and demoted to different queues
Feedback queues can have different scheduling algorithms at different levels
Multiprocessor Scheduling is done in several different ways:
Asymmetric multiprocessing: only one processor accesses system data structures - no need to data share
Symmetric multiprocessing: each processor is self-scheduling (currently the most common method)
Processor affinity: a process running on one processor is more likely to continue to run on the same processor (so that the processor's memory still contains data specific to that specific process)
Little's Formula can help determine average wait time per process in any scheduling algorithm:
n = λ × W
n = avg queue length; W = avg waiting time in queue; λ = average arrival rate into queue
Simulations are programmed models of a computer system with variable clocks
Used to gather statistics indicating algorithm performance
Running simulations is more accurate than queuing models (like Little's Law)
Although more accurate, high cost and high risk
Ch.6 Process Synchronization
Race Condition: several processes access and manipulate the same data concurrently, outcome depends on which order each access takes place.
Each process has critical section of code, where it is manipulating data
To solve critical section problem each process must ask permission to enter critical section in entry section, follow critical section with exit section and then execute the remainder section
Especially difficult to solve this problem in preemptive kernels
Peterson's Solution: solution for two processes
Two processes share two variables: int turn and Boolean flag[2]
turn: whose turn it is to enter the critical section
flag: indication of whether or not a process is ready to enter critical section
flag[i] = true indicates that process Pi is ready
Algorithm for process Pi (j is the other process):
do {
    flag[i] = TRUE;                 /* Pi is ready */
    turn = j;                       /* but yields if Pj is ready too */
    while (flag[j] && turn == j)
        ;                           /* busy wait */
    critical section
    flag[i] = FALSE;
    remainder section
} while (TRUE);
Modern machines provide atomic hardware instructions: Atomic = non-interruptable
Solution using Locks:
do {
    acquire lock
    critical section
    release lock
    remainder section
} while (TRUE);
Solution using Test-And-Set: Shared boolean variable lock, initialized to FALSE
Solution using Swap: Shared bool variable lock initialized to FALSE; Each process has local bool variable key
Semaphore: Synchronization tool that does not require busy waiting
Standard operations: wait() and signal() - these are the only operations that can access semaphore S
Can have counting (unrestricted range) and binary (0 or 1) semaphores
Deadlock: Two or more processes are waiting indefinitely for an event that can be caused by only one of the waiting processes (most OSes do not prevent or deal with deadlocks)
Can cause starvation and priority inversion (lower priority process holds lock needed by higher-priority process)
boolean TestAndSet(boolean *target) {   /* executed atomically by the hardware */
    boolean rv = *target;
    *target = TRUE;
    return rv;
}
do {
    while (TestAndSet(&lock))
        ;                           /* do nothing */
    /* critical section */
    lock = FALSE;
    /* remainder section */
} while (TRUE);
void Swap(boolean *a, boolean *b) {     /* executed atomically by the hardware */
    boolean temp = *a;
    *a = *b;
    *b = temp;
}
do {
    key = TRUE;
    while (key == TRUE)
        Swap(&lock, &key);
    /* critical section */
    lock = FALSE;
    /* remainder section */
} while (TRUE);
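The Test-And-Set lock and Peterson's solution above, turned into a runnable C program as an added example (it is not code from the study guide or the textbook). The atomic test-and-set instruction is provided by the compiler's `__atomic_test_and_set` builtin, and Peterson's flag/turn variables are accessed with sequentially consistent atomics so that the hardware cannot reorder the stores and loads the algorithm depends on. The thread count and iteration counts are constructed demo parameters.

```c
#define _GNU_SOURCE
#include <pthread.h>
#include <stdbool.h>
#include <stdio.h>

/* ---- spinlock built on an atomic test-and-set, the TestAndSet(&lock) loop ---- */
typedef struct { bool locked; } tas_lock;

static void tas_acquire(tas_lock *l) {
    /* returns the old value and sets the flag in one atomic step */
    while (__atomic_test_and_set(&l->locked, __ATOMIC_ACQUIRE))
        ;                                       /* busy wait */
}
static void tas_release(tas_lock *l) {
    __atomic_clear(&l->locked, __ATOMIC_RELEASE);   /* lock = FALSE */
}

/* ---- Peterson's solution for two threads ---- */
static int  turn;
static bool flag[2];

static void peterson_enter(int i) {
    int j = 1 - i;
    __atomic_store_n(&flag[i], true, __ATOMIC_SEQ_CST);   /* I am ready */
    __atomic_store_n(&turn, j, __ATOMIC_SEQ_CST);         /* but let j go first */
    while (__atomic_load_n(&flag[j], __ATOMIC_SEQ_CST) &&
           __atomic_load_n(&turn, __ATOMIC_SEQ_CST) == j)
        ;                                                  /* busy wait */
}
static void peterson_exit(int i) {
    __atomic_store_n(&flag[i], false, __ATOMIC_SEQ_CST);
}

/* shared data the critical sections protect */
static long     counter;
static long     iterations;
static tas_lock big_lock;

static void *tas_worker(void *arg) {
    (void)arg;
    for (long k = 0; k < iterations; k++) {
        tas_acquire(&big_lock);
        counter++;                                  /* critical section */
        tas_release(&big_lock);
    }
    return NULL;
}

static void *peterson_worker(void *arg) {
    int id = (int)(long)arg;                        /* 0 or 1 */
    for (long k = 0; k < iterations; k++) {
        peterson_enter(id);
        counter++;                                  /* critical section */
        peterson_exit(id);
    }
    return NULL;
}

/* Final counter after nthreads (at most 8) workers do iters locked increments each;
 * equals nthreads * iters only if the lock really serializes the increments. */
long run_tas(int nthreads, long iters) {
    pthread_t t[8];
    if (nthreads > 8) nthreads = 8;
    counter = 0; iterations = iters; big_lock.locked = false;
    for (int i = 0; i < nthreads; i++) pthread_create(&t[i], NULL, tas_worker, NULL);
    for (int i = 0; i < nthreads; i++) pthread_join(t[i], NULL);
    return counter;
}

/* Same check for Peterson's two-process solution; expected 2 * iters. */
long run_peterson(long iters) {
    pthread_t t[2];
    counter = 0; iterations = iters; flag[0] = flag[1] = false; turn = 0;
    for (long i = 0; i < 2; i++) pthread_create(&t[i], NULL, peterson_worker, (void *)i);
    for (int i = 0; i < 2; i++) pthread_join(t[i], NULL);
    return counter;
}

int main(void) {
    printf("test-and-set: %ld (expect 400000)\n", run_tas(4, 100000));
    printf("peterson:     %ld (expect 200000)\n", run_peterson(100000));
    return 0;
}
```

Deleting the acquire/release calls from `tas_worker` turns the loop into the race condition described at the top of the chapter, and the final count then comes out below the expected value on most runs.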
Ch.6 Process Synchronization Continued
Other synchronization problems include Bounded-Buffer Problem and Readers-Writers Problem
Monitor is a high-level abstraction that provides a convenient and effective mechanism for process synchronization
Can utilize condition variables to suspend and resume processes (ex: condition x, y;)
Hold and Wait: process holding one resource is waiting to acquire resource held by another process
No Preemption: a resource can be released only by the process holding it after the process completed its task
Circular Wait: set of waiting processes such that P(n-1) is waiting for resource from Pn, and Pn is waiting for P0
Only part of program needs to be in memory for execution - logical address space > physical address space
Must decide to abort if the reference is invalid, or if the desired page is just not in memory yet
If the latter: get empty frame, swap page into frame, reset tables to indicate page now in memory, set validation bit, restart instruction that caused the page fault
If an instruction accesses multiple pages near each other - less "pain" because of locality of reference
Demand Paging only brings a page into memory when it is needed - less I/O and memory needed
Lazy swapper - never swaps a page into memory unless page will be needed
Performance: EAT = (1 - p) × memory access + p × (page fault overhead + swap page out + swap page in + restart overhead); where Page Fault Rate 0 ≤ p ≤ 1
Can optimize demand paging by loading entire process image to swap space at process load time
Pure Demand Paging: process starts with no pages in memory
Copy-on-Write (COW) allows both parent and child processes to initially share the same pages in memory
If either process modifies a shared page, only then is the page copied
Modify (dirty) bit can be used to reduce overhead of page transfers - only modified pages written to disk
When a page is replaced, write to disk if it has been marked dirty and swap in desired page
Pages can be replaced using different algorithms: FIFO, LRU (below)
Stack can be used to record the most recent page references (LRU is a "stack" algorithm)
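An added C example (not from the study guide or the textbook) covering the two demand-paging computations above: the effective access time formula, including solving it for the largest page-fault rate a given slowdown allows, and a page-replacement simulator that counts faults for FIFO and LRU on the same reference string. The 200 ns memory access, the 8 ms fault service time and the reference string are constructed sample values.

```c
#include <stdio.h>

#define MAX_FRAMES 16

/* EAT = (1 - p) * mem + p * fault_service, all in the same unit (ns here).
 * fault_service bundles page-fault overhead, swap out, swap in and restart. */
double effective_access_time(double p, double mem_ns, double fault_service_ns) {
    return (1.0 - p) * mem_ns + p * fault_service_ns;
}

/* Largest p that keeps EAT within (1 + slowdown) * mem:
 *   (1 + s) * mem >= mem + p * (fault - mem)   =>   p <= s * mem / (fault - mem) */
double max_fault_rate(double mem_ns, double fault_service_ns, double slowdown) {
    return slowdown * mem_ns / (fault_service_ns - mem_ns);
}

/* FIFO: the victim is the frame that was loaded longest ago (circular pointer). */
int fifo_faults(const int *refs, int n, int nframes) {
    int frames[MAX_FRAMES], next = 0, faults = 0;
    for (int i = 0; i < nframes; i++) frames[i] = -1;
    for (int r = 0; r < n; r++) {
        int hit = 0;
        for (int i = 0; i < nframes; i++)
            if (frames[i] == refs[r]) { hit = 1; break; }
        if (hit) continue;
        frames[next] = refs[r];               /* overwrite the oldest-loaded frame */
        next = (next + 1) % nframes;
        faults++;
    }
    return faults;
}

/* LRU: the victim is the frame whose most recent use is oldest. */
int lru_faults(const int *refs, int n, int nframes) {
    int frames[MAX_FRAMES], last_use[MAX_FRAMES], faults = 0;
    for (int i = 0; i < nframes; i++) { frames[i] = -1; last_use[i] = -1; }
    for (int r = 0; r < n; r++) {
        int slot = -1;
        for (int i = 0; i < nframes; i++)
            if (frames[i] == refs[r]) { slot = i; break; }
        if (slot < 0) {                       /* page fault: evict least recently used */
            faults++;
            slot = 0;
            for (int i = 1; i < nframes; i++)
                if (last_use[i] < last_use[slot]) slot = i;   /* empty frames (-1) go first */
            frames[slot] = refs[r];
        }
        last_use[slot] = r;                   /* "top of the stack" is the newest reference */
    }
    return faults;
}

/* constructed reference string */
static const int REFS[] = {7, 0, 1, 2, 0, 3, 0, 4, 2, 3, 0, 3, 2, 1, 2, 0, 1, 7, 0, 1};
#define NREFS 20

int demo_fifo(int nframes) { return fifo_faults(REFS, NREFS, nframes); }
int demo_lru(int nframes)  { return lru_faults(REFS, NREFS, nframes); }

int main(void) {
    printf("EAT at p=0.001: %.1f ns\n", effective_access_time(0.001, 200, 8e6));
    printf("p for <10%% slowdown: %.3g\n", max_fault_rate(200, 8e6, 0.10));
    for (int f = 3; f <= 5; f++)
        printf("%d frames: FIFO %d faults, LRU %d faults\n", f, demo_fifo(f), demo_lru(f));
    return 0;
}
```

The EAT numbers make the point of the "Performance" line concrete: with an 8 ms fault service time the fault rate has to stay below roughly one in 400,000 accesses to keep the slowdown under ten percent.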
s_i = size of process P_i, S = Σ s_i, m = total number of frames, a_i - allocation for P_i
a_i = (s_i / S) × m
Global replacement: process selects a replacement frame from set of all frames
Greater throughput
Local replacement: each process selects from only its own set of allocated frames
Thrashing: a process is busy swapping pages in and out - minimal work is actually being performed
Memory-mapped file I/O allows file I/O to be treated as routine memory access by mapping a disk block to a page in memory
I/O Interlock: Pages must sometimes be locked into memory
Ch.10 File-System Interface
File - Uniform logical view of information storage (no matter the medium)
Mapped onto physical devices (usually nonvolatile)
Smallest allotment of nameable storage
Types: Data (numeric, character, binary), Program, Free form, Structured
Structure decided by OS and/or program/programmer
Attributes:
Name: Only info in human-readable form
Identifier: Unique tag, identifies file within the file system
Type, Size
Location: pointer to file location
Time, date, user identification
File is an abstract data type
Operations: create, write, read, reposition within file, delete, truncate
Global table maintained containing process-independent open file information: open-file table
Per-process open file table contains pertinent info, plus pointer to entry in global open file table
Open file locking: mediates access to a file (shared or exclusive)
Mandatory - access denied depending on locks held and requested
Advisory - process can find status of locks and decide what to do
File type can indicate internal file structure
Access Methods: Sequential access, direct access
Sequential Access: tape model of a file
Direct Access: random access, relative access
Disk can be subdivided into partitions; disks or partitions can be RAID protected against failure.
Can be used raw without a file-system or formatted with a file system
Partitions also known as minidisks, slices
Volume contains file system: also tracks file system's info in device directory or volume table of contents
File system can be general or special-purpose. Some special purpose FS:
tmpfs - temporary file system in volatile memory
objfs - virtual file system that gives debuggers access to kernel symbols
ctfs - virtual file system that maintains info to manage which processes start when system boots
lofs - loop back file system allows one file system to be accessed in place of another
procfs - virtual file system that presents information on all processes as a file system
Directory is similar to symbol table - translating file names into their directory entries
Should be efficient, convenient to users, logical grouping
Tree structured is most popular - allows for grouping
Commands for manipulating: remove - rm <file-name>; make new sub directory - mkdir <dir-name>
Current directory: default location for activities - can also specify a path to perform activities in
Acyclic-graph directories adds ability to directly share directories between users
Acyclic can be guaranteed by: only allowing shared files, not shared sub directories; garbage collection; mechanism to check whether new links are OK
File system must be mounted before it can be accessed - kernel data structure keeps track of mount points
In a file sharing system User IDs and Group IDs help identify a user's permissions
Client-server allows multiple clients to mount remote file systems from servers - NFS (UNIX), CIFS (Windows)
Consistency semantics specify how multiple users are to access a shared file simultaneously - similar to synchronization algorithms from Ch.6
One way of protection is Controlled Access: when file created, determine r/w/x access for users/groups
[Figure: File-System Organization]
Ch.11 File System Implementation
File system resides on secondary storage - disks; file system is organized into layers -
File control block: storage structure consisting of information about a file (exists per-file)
Device driver: controls the physical device; manage I/O devices
File organization module: understands files, logical addresses, and physical blocks
Translates logical block number to physical block number
Manages free space, disk allocation
Logical file system: manages metadata information - maintains file control blocks
Boot control block: contains info needed by system to boot OS from volume
Volume control block: contains volume details; ex: total # blocks, # free blocks, block size, free block pointers
Root partition: contains OS; mounted at boot time
For all partitions, system is consistency checked at mount time
Check metadata for correctness - only allow mount to occur if so
Virtual file systems provide object-oriented way of implementing file systems
Directories can be implemented as Linear Lists or Hash Tables
Linear list of file names with pointer to data blocks - simple but slow
Hash table - linear list with hash data structure - decreased search time
Good if entries are fixed size
Collisions can occur in hash tables when two file names hash to same location
Contiguous allocation: each file occupies set of contiguous blocks
Simple, best performance in most cases; problem - finding space for file, external fragmentation
Extent based file systems are modified contiguous allocation schemes - extent is allocated for file allocation
Linked Allocation: each file is a linked list of blocks - no external fragmentation
Locating a block can take many I/Os and disk seeks
Indexed Allocation: each file has its own index block(s) of pointers to its data blocks
Need index table; can be random access; dynamic access without external fragmentation but has overhead
Best methods: linked good for sequential, not random; contiguous good for sequential and random
File system maintains free-space list to track available blocks/clusters
Bit vector or bit map (n blocks): block number calculation - (number of bits per word) × (number of 0-value words) + (offset of first 1 bit)
Example: block size = 4KB = 2^12 bytes
disk size = 2^40 bytes (1 terabyte)
n = 2^40 / 2^12 = 2^28 bits (or 256 MB)
if clusters of 4 blocks -> 64MB of memory
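The bit-vector free-space list above as an added C example (not code from the study guide or the textbook): a bitmap where a 1 bit marks a free block, the first-free-block search written exactly as the formula in the notes (skip zero-valued words, then take the offset of the first 1 bit), and a helper that computes the map size for a device. The 200-block map with two free blocks is a constructed demo; note that 2^28 bits is 2^25 bytes, so the sizing helper returns bits and leaves the unit conversion to the caller.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BITS_PER_WORD 64

/* Free-space bit map: bit = 1 means the block is free, 0 means allocated. */
typedef struct { uint64_t *words; uint64_t nblocks; } free_map;

static int  map_is_free(const free_map *m, uint64_t b) { return (int)((m->words[b / BITS_PER_WORD] >> (b % BITS_PER_WORD)) & 1); }
static void map_set_free(free_map *m, uint64_t b)      { m->words[b / BITS_PER_WORD] |=  (1ULL << (b % BITS_PER_WORD)); }
static void map_set_used(free_map *m, uint64_t b)      { m->words[b / BITS_PER_WORD] &= ~(1ULL << (b % BITS_PER_WORD)); }

/* First free block = (bits per word) * (number of 0-valued words) + offset of first 1 bit.
 * Returns -1 when no block is free. */
int64_t first_free_block(const free_map *m) {
    uint64_t nwords = (m->nblocks + BITS_PER_WORD - 1) / BITS_PER_WORD;
    for (uint64_t w = 0; w < nwords; w++) {
        if (m->words[w] == 0) continue;                 /* whole word allocated: skip it */
        int offset = __builtin_ctzll(m->words[w]);      /* position of the first 1 bit */
        uint64_t b = w * BITS_PER_WORD + (uint64_t)offset;
        return b < m->nblocks ? (int64_t)b : -1;        /* padding bits past nblocks do not count */
    }
    return -1;
}

/* Allocate the first free block (mark it used); returns its number or -1. */
int64_t allocate_block(free_map *m) {
    int64_t b = first_free_block(m);
    if (b >= 0) map_set_used(m, (uint64_t)b);
    return b;
}

/* Size of the map in bits: one bit per block, or per cluster of blocks. */
uint64_t bitmap_bits(uint64_t disk_bytes, uint64_t block_bytes, uint64_t blocks_per_cluster) {
    return disk_bytes / block_bytes / blocks_per_cluster;
}

/* constructed demo: 200 blocks, everything allocated except blocks 130 and 131;
 * rebuilds the map and returns the block number of the n-th allocation (-1 if exhausted) */
static uint64_t DEMO_WORDS[4];
int64_t demo_nth_allocation(int n) {
    free_map m = { DEMO_WORDS, 200 };
    memset(DEMO_WORDS, 0, sizeof DEMO_WORDS);
    map_set_free(&m, 131);
    map_set_free(&m, 130);
    int64_t b = -1;
    for (int i = 0; i < n; i++) b = allocate_block(&m);
    return b;
}

int demo_block_state(uint64_t b) {
    free_map m = { DEMO_WORDS, 200 };
    memset(DEMO_WORDS, 0, sizeof DEMO_WORDS);
    map_set_free(&m, 130);
    return map_is_free(&m, b);
}

int main(void) {
    printf("1st allocation: %lld, 2nd: %lld, 3rd: %lld\n",
           (long long)demo_nth_allocation(1), (long long)demo_nth_allocation(2),
           (long long)demo_nth_allocation(3));
    printf("1 TB / 4 KB blocks: 2^%d bits; clusters of 4: 2^%d bits\n",
           __builtin_ctzll(bitmap_bits(1ULL << 40, 4096, 1)),
           __builtin_ctzll(bitmap_bits(1ULL << 40, 4096, 4)));
    return 0;
}
```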
Space maps (used in ZFS) divide device space into metaslab units and manages metaslabs
Each metaslab has associated space map
Buffer cache - separate section of main memory for frequently used blocks
Synchronous writes sometimes requested by apps or needed by OS - no buffering
Mechanism: OS provides access-matrix and rules - ensures matrix is only manipulated by authorized users
Policy: User dictates policy - who can access what object and in what mode
Solaris 10 uses role-based access control (RBAC) to implement least privilege
Revocation of access rights
Access list: delete access rights from access list - simple, immediate
Capability list: required to locate capability in system before capability can be revoked - reacquisition, back-pointers, indirection, keys
Language-Based Protection: allows high-level description of policies for the allocation and use of resources
Can provide software for protection enforcement when hardware-supported checking is unavailable
Ch.15 Security
System secure when resources used and accessed as intended under all circumstances
Attacks can be accidental or malicious
Easier to protect against accidental than malicious misuse
Security violation categories:
Breach of confidentiality - unauthorized reading of data
Breach of integrity - unauthorized modification of data
Breach of availability - unauthorized destruction of data
Theft of service - unauthorized use of resources
Denial of service - prevention of legitimate use
Methods of violation:
Masquerading - pretending to be an authorized user
Man-in-the-middle - intruder sits in data flow, masquerading as sender to receiver and vice versa
Session hijacking - intercept an already established session to bypass authentication
Effective security must occur at four levels: physical, human, operating system, network
Program threats: trojan horse (spyware, pop-up, etc.), trap door, logic bomb, stack and buffer overflow
Viruses: code fragment embedded in legitimate program; self-replicating
Specific to CPU architecture, OS, applications
Virus dropper: inserts virus onto the system
Windows is the target for most attacks - most common, everyone is administrator
Worms: use spawn mechanism - standalone program
Port scanning: automated attempt to connect to a range of ports on one or a range of IP addresses
Frequently launched from zombie systems to decrease traceability
Denial of service: overload targeted computer preventing it from doing useful work
Cryptography: means to constrain potential senders and/or receivers - based on keys
Allows for confirmation of source, receipt by specified destination, trust relationship
Encryption: [K of keys], [M of messages], [C of ciphertexts], function E:K to encrypt, function D:K to decrypt
Can have symmetric and asymmetric (distributes public encryption key, holds private decipher key) encryption
Asymmetric is much more compute intensive - not used for bulk data transaction
Keys can be stored on a key ring
[Figure: Man-in-the-middle attack - symmetric cryptography]
Ch.15 Security Continued
Authentication: constraining a set of potential senders of a message
Helps to prove that the message is unmodified
Hash functions are basis of authentication
Creates small, fixed-size block of data (message digest, hash value)
Symmetric encryption used in message-authentication code (MAC)
Authenticators produced from authentication algorithm are digital signatures
Authentication requires fewer computations than encryption methods
Digital Certificates: proof of who or what owns a public key
Defense in depth: most common security theory - multiple layers of security
Can attempt to detect intrusion:
Signature-based: detect "bad patterns"
Anomaly detection: spots differences from normal behavior
Both can report false positives or false negatives
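The two detection approaches above, as an added C example run over a handful of constructed web-access log lines (this is not code from the study guide or the textbook): the signature detector flags lines containing a known bad pattern, and the anomaly detector flags a source whose request count departs from a baseline threshold. The log lines, the two signature strings and the threshold are all constructed; the threshold parameter also shows where the false-positive/false-negative trade-off lives.

```c
#include <stdio.h>
#include <string.h>

#define MAX_SRC 16
#define SRC_LEN 32

/* signature-based: known "bad patterns" that should never appear in a legitimate request */
static const char *SIGNATURES[] = { "/../", "<script" };

int signature_hits(const char **lines, int n) {
    int hits = 0;
    for (int i = 0; i < n; i++)
        for (size_t s = 0; s < sizeof SIGNATURES / sizeof *SIGNATURES; s++)
            if (strstr(lines[i], SIGNATURES[s])) { hits++; break; }   /* count a line once */
    return hits;
}

/* anomaly-based: count requests per source (first token of the line) and flag any
 * source whose count exceeds the baseline threshold.  Returns the number flagged. */
int anomalous_sources(const char **lines, int n, int threshold) {
    char src[MAX_SRC][SRC_LEN];
    int  count[MAX_SRC], nsrc = 0;
    for (int i = 0; i < n; i++) {
        const char *sp = strchr(lines[i], ' ');
        size_t len = sp ? (size_t)(sp - lines[i]) : strlen(lines[i]);
        if (len >= SRC_LEN) len = SRC_LEN - 1;
        int k;
        for (k = 0; k < nsrc; k++)
            if (strlen(src[k]) == len && strncmp(src[k], lines[i], len) == 0) break;
        if (k == nsrc) {                          /* first time we see this source */
            if (nsrc == MAX_SRC) continue;        /* table full: skip (would be a gap in real use) */
            memcpy(src[k], lines[i], len); src[k][len] = '\0'; count[k] = 0; nsrc++;
        }
        count[k]++;
    }
    int flagged = 0;
    for (int k = 0; k < nsrc; k++)
        if (count[k] > threshold) flagged++;
    return flagged;
}

/* constructed sample log: one traversal attempt, one source hammering /login */
static const char *LOG[] = {
    "10.0.0.5 GET /index.html 200",
    "10.0.0.7 GET /login 200",
    "10.0.0.5 GET /about.html 200",
    "10.0.0.9 GET /../../etc/passwd 404",
    "10.0.0.7 GET /login 401",
    "10.0.0.7 GET /login 401",
    "10.0.0.7 GET /login 401",
    "10.0.0.7 GET /login 401",
    "10.0.0.7 GET /login 401",
    "10.0.0.7 GET /login 200",
};
#define NLINES 10

int demo_signature_hits(void)        { return signature_hits(LOG, NLINES); }
int demo_anomalies(int threshold)    { return anomalous_sources(LOG, NLINES, threshold); }

int main(void) {
    printf("signature hits: %d\n", demo_signature_hits());
    printf("anomalous sources at threshold 5: %d, at threshold 10: %d\n",
           demo_anomalies(5), demo_anomalies(10));
    return 0;
}
```

Raising the threshold to 10 makes the noisy source disappear from the anomaly report (a false negative), and the traversal line is invisible to the rate-based check altogether, which is why the notes present the two methods as complementary.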
Auditing, accounting, and logging specific system or network activity
Firewall: placed between trusted and untrusted hosts
Limits network access between the two domains
Can be tunneled or spoofed
Personal firewall is software layer on given host
Can monitor/limit traffic to/from host
Application proxy firewall: Understands application protocol and can control them
System-call firewall: Monitors all important system calls and apply rules and restrictions to them