Operating System Structures

advertisement
TDDB68
Concurrent programming and
operating systems
Operating System Structures
 How to manage OS complexity?
Operating System Structures
and Virtual Machines

Divide-and-conquer!

Decompose into smaller components
with well-defined interfaces and dependences
Layered
Approach
Microkernels
Modules
[SGG7/8] Chapter 2.7-2.8
[SGG9] Chapter 2.7, 1.11.6
Virtual
Machines
Copyright Notice: The lecture notes are mainly based on Silberschatz’s, Galvin’s and Gagne’s book (“Operating System
Concepts”, 7th ed., Wiley, 2005). No part of the lecture notes may be reproduced in any form, due to the copyrights
reserved by Wiley. These lecture notes should only be used for internal teaching purposes at the Linköping University.
Christoph Kessler, IDA,
Linköpings universitet.
TDDB68, C. Kessler, IDA, Linköpings universitet.
Simple Structure
Layered Approach
 MS-DOS – written to provide the most functionality in the least
 The operating system is
space

Not divided into
modules

Although MS-DOS
has some structure,
its interfaces and levels
of functionality are
not well separated
divided into a number of
layers (levels, rings),
each built on top of lower layers.

Bottom layer (0) = hardware

Top layer (N) = user interface

Functions in layer i call only
functions/services in layers < i
(strict layering: only in i or i-1)
 Modularity

TDDB68, C. Kessler, IDA, Linköpings universitet.
Silberschatz, Galvin and Gagne ©2005
13.2
13.3
Silberschatz, Galvin and Gagne ©2005
System and application programs
UNIX System Structure: 3 Layers
Layer i+1
Interface of a layer:
upwards-exposed services +
downwards-required services
TDDB68, C. Kessler, IDA, Linköpings universitet.
Layer i
13.4
Layer i-1
Silberschatz, Galvin and Gagne ©2005
THE OS: 6 Layers
 A layered design was first used in the THE operating system
[Dijkstra’68, Technische Hogeschool at Eindhoven, NL]
layer 5: user programs
layer 4: buffering for input and output
layer 3: operator-console device driver
layer 2: memory management
layer 1: CPU scheduling
layer 0: hardware
see SGG7 Ch. 23.4, p. 847
TDDB68, C. Kessler, IDA, Linköpings universitet.
13.5
Silberschatz, Galvin and Gagne ©2005
TDDB68, C. Kessler, IDA, Linköpings universitet.
13.6
Silberschatz, Galvin and Gagne ©2005
1
Problems of the layered approach
Microkernel System Structure
 Cyclic dependences between different OS components
 “Lean kernel”: Moves as much service functionality as
Example:

Backing store driver for swapping
should be able to call CPU scheduler to release the CPU
while waiting for I/O

CPU scheduler needs to know about memory needs of all
active processes, on a large system this information
resides in memory that is possibly swapped out...
Long call chains (e.g. I/O) down to system calls, possibly
with parameter copying/modification at several levels
 Compromise solution: Have few layers
TDDB68, C. Kessler, IDA, Linköpings universitet.


Easier to extend a microkernel
Easier to port the operating system to new architectures
More reliable (less code is running in kernel mode)
More secure
 Detriments:
 Performance overhead of user space to kernel space
communication
Silberschatz, Galvin and Gagne ©2005

 Less efficient

possible from the kernel into “user” space
 Kernel: Minimal process and memory management; IPC
 Communication between user modules by message passing
 Example: Mach kernel, used e.g. in Tru64 Unix or Mac OS-X
 Benefits:
13.7
Silberschatz, Galvin and Gagne ©2005

TDDB68, C. Kessler, IDA, Linköpings universitet.
13.8
Modules
Example: Mac-OS X ”Darwin”
 Most modern operating systems implement kernel modules
 Hybrid structure: Layering + Microkernel + Modules
 Component-based approach:



Each core component is separate
Each talks to the others over known interfaces
Each is loadable as needed within the kernel
Application environments,
common services, GUI services
BSD Unix kernel:
Command-line interface, networking,
file system support, POSIX implem.
 Example: Solaris
loadable kernel modules,
Linux,
Mac-OS X
Kernel
extensions:
device drivers,
dynamically
loadable modules
Mach Microkernel:
Memory mgmt, thread scheduling, IPC, RPC
 Overall, similar to layers
but more flexible
TDDB68, C. Kessler, IDA, Linköpings universitet.
13.9
Silberschatz, Galvin and Gagne ©2005
Virtual Machines
TDDB68, C. Kessler, IDA, Linköpings universitet.
13.10
Silberschatz, Galvin and Gagne ©2005
Virtual Machines (Cont.)
 A virtual machine provides an interface identical to the underlying bare
hardware (or to some other real or fictive machine).

Example: Multitasking OS creates the illusion that each process
executes on its own (virtual) processor with its own (virtual) memory.

Example: qemu (used in Pintos labs) simulates x86 hardware
Example: The Java VM simulates an abstract computer that executes
Java bytecode.

guest
OS
 Virtual machine implementation (VM monitor, hypervisor)
intercepts operations and interprets them.
 Several virtual machines may share the resources of a physical computer:

CPU scheduling: create illusion that users have their own processor
Virtual disks with virtual file systems on physical disk / file system
 A normal user time-sharing terminal serves as the virtual machine
operator’s console
 Can run multiple and different OS’s on the same physical computer


Examples: VMware, Xen
TDDB68, C. Kessler, IDA, Linköpings universitet.
Non-virtual Machine
Virtual Machine
Monitor (VMM),
Hypervisor
(a) Nonvirtual machine
13.11
Silberschatz, Galvin and Gagne ©2005
TDDB68, C. Kessler, IDA, Linköpings universitet.
Virtual Machine
(b) Virtual machines
13.12
Silberschatz, Galvin and Gagne ©2005
2
Virtual Machines – Advantages, Drawbacks
VMware Architecture
 Complete protection of system resources
since each virtual machine is isolated from all other virtual machines.

however, permits no direct sharing of resources.
 Perfect vehicle for operating-systems research, development, teaching

System development is done on the virtual machine,
instead of on a physical machine
and so does not disrupt normal system operation.
 Portability across multiple platforms (host OS, hardware)


Java VM
Legacy binary codes for obsolete hardware still operational
 Saves appl.-server hardware costs if clients demand a private system

”Most servers today run at <15% utilization, TCO ~10k$/yr/server” [Xen]
 Difficult to implement

to provide an exact duplicate to the underlying machine
 Old idea!

1972 by IBM on System/360
TDDB68, C. Kessler, IDA, Linköpings universitet.
Silberschatz, Galvin and Gagne ©2005
13.13
Virtualization technology overview
Lightweight virtualization:
Paravirtualization
Lightweight virtualization:
OS-level virtualization
Hardware
virtualization
Emulates real or fictitious
hardware
”Almost” same hardware
(barring speed and size)
Virtualization done by the
host OS
Guest HW
!= host HW
+ guest HW != host HW
possible
+ different host and guest
OSs possible
No VMM
+ diff. guest OSs possible
- VMM needed
+ guest OS is not aware
of the host OS beneath
- guest OS to be rewritten + Multiple instances of
to be VMM-aware
same OS possible
(fix privileged
+ Low overhead
instructions)
+ Can scale up to
- still overhead
hundreds of VMs
 # of VMs limited
e.g. for virtual private
On-the-fly
instruction
translation in
hardware
- VMM needed to dispatch virtual kernel
mode privileged
instructions
- translation overhead
servers
VM/370 (IBM), VMware,
Xen
Bochs, QEMU, Parallels,
UML
Microsoft Virtual Server,
Denali
Java JVM, C#/.NET CLR
TDDB68, C. Kessler, IDA, Linköpings universitet.
13.15
(binary
translation)
+ Fast
- Only one OS
(NB - different
goal)
Solaris 10 ”Zones”
Transmeta
(Containers),
Crusoe
OpenVZ, Virtuozzo, Linux- processor
VServer,
(x86 on VLIW
FreeBSD-Jails
- more power
efficient)
Silberschatz, Galvin and Gagne ©2005
virtualized
OS-Level Virtualization Example:
Solaris 10 Containers (”Zones”)
User programs
System programs
CPU resources
Memory resources
Global zone
Silberschatz, Galvin and Gagne ©2005
13.14
Paravirtualization Example: Xen
Traditional virtualization:
Virt. machine/Emulation
Guest OS = Host OS
(and same HW)
TDDB68, C. Kessler, IDA, Linköpings universitet.
Control
Plane
Software
User
software
User
software
User
software
Guest OS
(XenoLinux)
Guest OS
(XenoLinux)
Guest OS
(XenoBSD)
Guest OS
(XenoXP)
Xeno-Aware
Device Drivers
Xeno-Aware
Device Drivers
Xeno-Aware
Device Drivers
Xeno-Aware
Device Drivers
Domain0
control
interface
Virtual
x86
CPU
Virtual
MMU
Virtual
physical
memory
Virtual
network
Virtual
blockdevices
XEN
hyper
visor
Hardware (SMP x86, MMU, physical memory, network access, SCSI/IDE)
TDDB68, C. Kessler, IDA, Linköpings universitet.
13.16
Adapted from: P. Barham et al.: Xen and the Art
Silberschatz,
Galvin
and Gagne ©2005
of Virtualization.
Proc. SOSP
2003
The Java Virtual Machine
User programs
System programs
Network addresses
Device access
CPU resources
Memory resources
User programs
System programs
Network addresses
Device access
CPU resources
Memory resources
Zone 1
Zone 2
Possibly untrusted
applets from internet
JVM
Virtual platform
Device management
All accesses to
system resources
mediated by JVM
 ”Sandbox”
Zone Management
Solaris Kernel
Network addresses
Devices
TDDB68, C. Kessler, IDA, Linköpings universitet.
13.17
Silberschatz, Galvin and Gagne ©2005
TDDB68, C. Kessler, IDA, Linköpings universitet.
13.18
Silberschatz, Galvin and Gagne ©2005
3
Hardware support for virtualization
Summary: Operating System Structures
 Simulate mode bit, system call effects, … in software???
 How to manage OS complexity?
 Second hardware mode bit in status register

Physical mode bit used only by VMM / host kernel
Virtual
machine incl. guest OS
runs in physical user mode

kernel mode vs virtual user mode
Access

Decompose into smaller components
with well-defined interfaces and dependences
Approach
Modules
Virtual
Virtual machines run in guest mode
Completely

Microkernels
 AMD: host mode vs guest mode

Divide-and-conquer!
Layered
Virtual mode bit used by guest OS
Virtual

unaware of the virtualization
to virtualized devices traps to VMM/host OS
VMM / virtualizing kernel13.19
can switch to host
mode
Silberschatz,
Galvin and Gagne ©2005
TDDB68, C. Kessler, IDA, Linköpings universitet.
Machines
–
Traditional Virtualization
–
Light-Weight Virtualization
(Paravirtualization, OS-level virtualization)
TDDB68, C. Kessler, IDA, Linköpings universitet.
13.20
Silberschatz, Galvin and Gagne ©2005
Literature: Virtual Machines, Virtualization
 IEEE Computer May 2005 special issue on Virtual Machines
e.g.
R. Uhlig et al.: Intel Virtualization Technology.
IEEE Computer, May 2005, pp. 48-56.
 XenSource: XenTM: Enterprise Grade Open Source




Virtualization: Inside XenTM 3.0. White Paper V06012006,
www.xensource.com
P. Barham et al.: Xen and the Art of Virtualization.
Proc. of SOSP 2003, pp. 164-177, ACM press.
S. Bellovin: Virtual Machines, Virtual Security?
Communications of the ACM 49(10): 104, Oct. 2006
M. Price: The Paradox of Security in Virtual Environments.
IEEE Computer Nov. 2008, pp. 22-28.
And many others...
TDDB68, C. Kessler, IDA, Linköpings universitet.
13.21
Silberschatz, Galvin and Gagne ©2005
4
Download