CPSC 3220 - DAY 3 AUGUST 31, 2017 ================================================================================ PHYSICAL +---------------------------------+ MEMORY | COMPILING AND LOADING A PROGRAM | +---------------------------------+ | | __> | MACHINE INSTRUCTION| / +--------------------+ | | DATA | PROCESS -> | +--------------------+ | | HEAP | | +--------------------+ | | STACK | | +--------------------+ +--------+ +--------------+ | | | | SOURCE | | EXE | | | | USER -> | CODE | -> COMPILER -> | IMAGE |-/ | | +--------+ | INSTRUCTIONS | | | | AND DATA | +--------------------+ +--------------+ | MACHINE INSTRUCTION| +--------------------+ | DATA | +--------------------+ OPERATING SYSTEM KERNEL -> | HEAP | +--------------------+ | STACK | +--------------------+ | | Process concept --------------- A process is the OS abstraction for executing a program with limited privileges. Dual-mode operation: user vs. kernel ------------------------------------ Kernel mode: execute with complete privileges User-mode: execute with fewer privileges Safe control transfer --------------------- How do we switch from one mode to other? Process Abstraction ------------------- Process: an instance of a program, running with limited rights. Thread: a sequence of instructions within a process. -Potentially many threads per process (for now 1:1) Address space: the range of valid addresses Allocated resources: the physical memory, files, and network connections the process can currently access. [in some systems] Capabilites: the permissions the process has Hardware Support: Dual-Mode Operation ------------------------------------- Kernel mode -Execution with the full privileges of the hardware -Read/write to any memory, access any I/O device, read/write any disk sector, send and receive any packet. User mode -Limited privileges -Only those granted by the operating system kernel Mode bit stored in processor status register -this is stored in CS register on x86 systems. Timer -To regain control from a user program in a loop Privileges instructions -Change mode bit in processor status register -Change which memory locations a user program can access -Send commands to I/O devices -Jump into kernel code. Non-Privileged ("safe") instructions -Load, store -Add, subtract -Conditional branch, jump to subroutine Allowed to execute in both kernel and user modes -OS and applications all need the ability to add numbers -OS and applications all need the ability to use loops and call subroutines. Invalid Instructions -Attempt to execute a privileged instruction in user mode? -Typically, the attempt is an error, but for selected instructions, we will use this response to intentionally invoke the OS (Note: could be inefficient way to implement a virtual machine that is running a guest OS completely in user mode) Simple Memory Protection -Having register guards, set two bounds and check each time memory is accessed. Inefficient because have to do 2 compares each time. -A better approach is to have a 0, as start and one bound. One check to make sure memory accesses are within bounds. Types of Alerts to Kernel ------------------------- Exceptions, e.g., divide by 0 Intentionally invoke kernel for system calls Timer interrupts I/O interrupts, e.g., completion of error Asysnchronous - unrelated to current instruction (interrupt) Synchronous - related to instruction being executed "exception" "fault" "trap" For some processor manufacturers, these terms are synonyms; for others, there are subtle differences (ex. in the way the stack is handled and whether the faulting instruction can be resumed or restarted) Hardware Timer -------------- Hardware device that periodically interrupts the processor -Transfers control to the kernel timer interrupt handler -Interrupt frequency set by the kernel Not by user code! -Interrupts can be temporarily deferred Not by user code! Interrupt defferal is crucial for implementing mutual exclusion Mode Switch ----------- From user to kernel mode -Interrupts triggered by timer and I/O devices -Exceptions triggered by unexpected/malicious behavior -System calls request for kernel to do some operation on its behalf - only limited number of very carefully coded entry points. From kernel mode to user mode -New process/ new thread start -Jump to first instruction in program/thread -Return from interrupt, exception, system call -Resume suspended execution -Process/ thread context switch -Resume some other process -User-level upcall (UNIX signal) -Asynchronous notification to user program. Interrupt Vector Table ---------------------- Table is set by kernel At a fixed location in kernel memory or located using a privileged register Contains pointers to code to run in response to different events Code segments are called "interrupt handlers" or "interrupt service routines" Generic Interrupt Response -------------------------- 1. Save PC and PSR 2. Change execution mode to kernel 3. Disable or restrict further interrupts 4. Load new PC from interrupt vector table => Transfers control into the kernel at a kernel-defined entry point