CPSC 3220 - DAY 4 SEPTEMBER 5, 2017 ================================================================================ Kernel is Interrupt-Driven Interrupt handlers are the entry points into the kernel Interrupt handlers are software! Interrupt Return instruction (IRET) restores PC and PSR Interrupt Masking ----------------- Interrupt handler runs with interrupts off or restricted. Re-enabled when interrupt completes OS kernel can also turn interrupts off Eg. when determining the next process/ thread to run On x86 CLI: disable interrupts STI: enables interrupts Only applies to the current CPU (on a multicore) Interrupt Handlers ------------------ Non-blocking, runs to completion Minimum necessary to allow device to take next interrupt Any waiting must be limited duration Wake up other threads to do any real work Eg. device driver runs as a kernel thread. Interrupt Stack --------------- Per-processor, located in kernel (not user) memory Interrupt response will save PC, PSR, and user SP on the interrupt stack and then set the new SP to the top of the interrupt stack Why can't the interrupt handler run on the user stack of the interrupted user process? Case Study: MIPS Interrupt/ Trap -------------------------------- Two entry points: TLB miss handler, everything else Save type: syscall, exception, interrupt And which type of interrupt/ exception Save program counter: where to resume Save old mode, interrupt persmission bits to status register Set mode bit to kernel Set interrupts disabled For memory faults Save virtual address and virtual page Jump to general exception handler Case Study: x86 Interrupt ------------------------- Save current stack pointer (SS:ESP) Save current program counter (CS:EIP) Save current processor status (EFLAGS) Switch to interrupt stack; push saved values onto that stack Switch to kernel mode Get handler address from interrupt vector table Interrupt handler saves registers it might overwrite Kernel Stacks ------------- Per-process located in kernel memory There may still be a per-processor interrupt stack Fixed size and locked in memory Only trusted components such as interrupt handlers and kernel routines use them Kernel stack and SP are always in valid states Access by kernel cannot cause a page fault No accesses allowed to user code. System Call ----------- Request kernel to perform a privileged action Library routine acts as wrapper function (stub) around a trap into the kernel Sets registers to pass the appropriate system call identification code and any parameters (e.g., size, address) Trap is intentional interrupt. Example User wants to open file, calls system call, kernel checks that the files are formed correctly and the user has permission, then the kernel opens the file copies the return value into user mem. Kernel System Call Handler -------------------------- Locate arguments In registers or on user stack Translate user addresses into kernel addresses Copy arguments From user memory into kernel memory Protect kernel from Time of check, Time of use attack Validate arguments Protect kernel from errors in user code Copy results back into user memory Translate kernel addresses into user addresses Starting a new process ---------------------- Kernel builds user and kernel stacks for a new process to look like the process was interrupted before even the first instruction was executed Avoids special case checking in the dispatcher, so dispatching is slightly faster. Upcall: User-level event delivery Notify user process of some event that needs to be handled right away. Time Expiration Real time user interface. Time slice for user-level thread manager Signal in UNIX, asynchronous event in Windows Upcalls vs Interrupts --------------------- Signal handlers = interrupt handlers Signal stack = interrupt stack Automatic save/ restore registers = transparent resume Signal masking: signals disabled while in signal handler Virtual Machine Monitor / Hypervisor ------------------------------------ Protection - failure isolated to a single VM instance Replication - run different types or versions of OS -Developing software for multiple platforms -Testing of OS modifications -Running legacy applications with an older version of OS -Running an "appliance" = application and tuned OS instance distributed as a VM Hardware consolidation - one physical machine appears as multiple virtual servers. Live migration - load balancing and repair