#####################################################
##
## [CS5600] Computer Systems
## Summary of the lecture
##
## Date & Time : 9/8/2010, 7pm-8pm (2nd session)
##
#####################################################

1. Overview

  (1) General understanding
    - There are many different operating systems, including Windows, Linux, Mac OS, Android, ...
    - Typically, an O/S is software made up of millions of lines of code built by thousands of people
      ==> complex and buggy
    - An O/S provides many services : network, video, audio, ...

  (2) The simplest O/S we can imagine
    Basic services needed :
      a. Scheduling of processes
      b. Initialization of hardware (loading device drivers)
         (Q) What is a driver?
      c. Memory management
         (Q) Simplest way to manage memory?
         * It's important to ensure that user applications are not able to access kernel memory.

2. O/S Services : Multiple processes and users

  (1) Multiple processes
    - Scheduling
      (Q) What if the O/S can't schedule? No multitasking.
      * multitasking : running more than one process
    - Guarantee of isolation
      To prevent a process from accessing the memory of another process
      (Q) How can we deal with this? With hardware support.

  (2) Multiple users
    - Benefit of a multiuser system : n users can have n desktop environments with one O/S.
    - The O/S then has more responsibility for security.
      There could be some malicious users.
      We want to ensure that data doesn't leak from one user to another.

3. O/S Services : Protection and Security

  (1) Protection
    - What is protection?
      To isolate processes from each other
      Each process has its own view of the world (memory).
    - Mechanism
      a. Preemption
         Give certain resources to a process (ensured).
      b. Interposition
         Prevent a process from accessing any piece of memory it chooses.
         We can check if the process is actually running on the memory.
      c. Privilege mode
         There are certain instructions on the CPU that are not to be used by user applications
         (instructions for the kernel only).
         ex) - changing the virtual memory table
             - changing the current privilege mode
             - rebooting the machine
             - talking to an I/O device

  (2) Security
    (Q) What's the difference from protection?
      : It is more concerned with attacks.
    - viruses, worms, ID thieves, ...
    - Denial of service attack (DoS)
      (Q) How can we deny a service?
        - I/O : disk drive (back and forward)
        - CPU
          ex) using a while loop (infinite loop)
              while(1){fork();}
              This is called a fork bomb. It can kill the O/S.
              (Modern kernels can handle this.)
    - Security problems can be solved both technically and socially.

4. O/S Structure

  (1) Types of O/S
    - Monolithic : The kernel has all the services. Everything runs in privilege mode.
    - Microkernel : The kernel has as few services as it can.
                    Some services run in user space. (ex. file system)
    * A kernel works as an interface between the H/W and the user.

  (2) Kernel interaction with user process
    - I/O control
    - process management
    - allocating memory
    - user => kernel : "System Calls"
    - The way that it works :
      a. switches from user mode to kernel mode
      b. stops executing the user program & starts executing the kernel
    (Q) How many functions would be called for a copy command?
      : A number of system calls are needed.
        printing text on the monitor
        user input
        check if the file exists
        open files
        read
        write
        close files, ...
    (Q) How many system calls exist?
      - standard : about 200
      - Vista : about 400
      - microkernel : as an extreme example, 7 system calls.
        (only for messaging; other services run in user space.)
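
Added example (not part of the original lecture notes): the copy-command question from section 4 (2), written directly against the POSIX system-call interface so that each user => kernel transition the copy itself makes is counted. The function name copy_count_syscalls is hypothetical; a POSIX system is assumed, and calls made by program startup or by printf are not counted.

```c
/* Added example: a file copy using open/read/write/close directly,
 * counting every system call the copy itself issues. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Copies src to dst. Returns the number of system calls issued, or -1 on error. */
long copy_count_syscalls(const char *src, const char *dst)
{
    char buf[4096];
    long calls = 0;
    ssize_t n = 0;
    int in = open(src, O_RDONLY);           /* "check if the file exists" + open */
    calls++;
    if (in < 0) return -1;
    /* O_EXCL: never overwrite an existing file or follow a planted symlink.
     * 0600: owner-only, so the copy does not leak data to other users. */
    int out = open(dst, O_WRONLY | O_CREAT | O_EXCL, 0600);
    calls++;
    if (out < 0) { close(in); return -1; }
    for (;;) {
        n = read(in, buf, sizeof buf);
        calls++;
        if (n < 0 && errno == EINTR) continue;   /* interrupted: retry */
        if (n <= 0) break;                       /* 0 = end of file, <0 = error */
        for (ssize_t off = 0; off < n; ) {       /* write() may be partial */
            ssize_t w = write(out, buf + off, (size_t)(n - off));
            calls++;
            if (w < 0 && errno == EINTR) continue;
            if (w < 0) { n = -1; break; }
            off += w;
        }
        if (n < 0) break;
    }
    close(in); calls++;
    if (close(out) < 0) n = -1;                  /* late write errors show up here */
    calls++;
    return n < 0 ? -1 : calls;
}

int main(int argc, char **argv)
{
    if (argc != 3) { fprintf(stderr, "usage: %s SRC DST\n", argv[0]); return 2; }
    long calls = copy_count_syscalls(argv[1], argv[2]);
    if (calls < 0) { perror("copy"); return 1; }
    printf("copied with %ld system calls\n", calls);
    return 0;
}
```

On Linux, running the compiled program under strace shows the same calls from the kernel's side, plus the ones made by program startup.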