Operating System Structure

advertisement
Operating System Structure
Announcements
• Make sure you are registered for CS 415
• First CS 415 project is up
– Initial design documents due next Friday, February 2nd
– Project due following Thursday, February 8th
• Everyone should have access to CMS
(http://cms3.csuglab.cornell.edu)
– Check and contact me (hweather@cs.cornell.edu) or Bill Hogan
(whh@cs.cornell.edu) today if you do not have access to CMS
• Also, everyone should have CSUGLab account
– Contact Bill or I if you do not
Review: Protecting
Processes from Each Other
• Problem: Run multiple applications in such a way that
they are protected from one another
• Goal:
– Keep User Programs from Crashing OS
– Keep User Programs from Crashing each other
– [Keep Parts of OS from crashing other parts?]
• (Some of the required) Mechanisms:
– Dual Mode Operation
– Address Translation (base/limit registers, page tables, etc)
– Privileged instructions (set timer, I/O, etc)
• Simple Policy:
– Programs are not allowed to read/write memory of other
Programs or of Operating System
Review: Dual Mode Operation
• Hardware provides at least two modes:
– “Kernel” mode (or “supervisor” or “protected”)
– “User” mode: Normal programs executed
• Some instructions/ops prohibited in user mode:
– Example: cannot modify page tables in user mode
• Attempt to modify  Exception generated
• Transitions from user mode to kernel mode:
– System Calls, Interrupts, Other exceptions
Today’s Lectures
• I/O subsystem and device drivers
• Interrupts and traps
• Protection, system calls and operating mode
• OS structure
• What happens when you boot a computer?
Operating System Structure
• An OS is just another kind of program running on the
CPU – a process:
– It has main() function that gets called only once (during boot)
– Like any program, it consumes resources (such as memory)
– Can do silly things (like generating an exception), etc.
• But it is a very sophisticated program:
– “Entered” from different locations in response to external events
– Does not have a single thread of control
• can be invoked simultaneously by two different events
• e.g. sys call & an interrupt
– It is not supposed to terminate
– It can execute any instruction in the machine
How do you start the OS?
• Your computer has a very simple program pre-loaded in
a special read-only memory
– The Basic Input/Output Subsystem, or BIOS
• When the machine boots, the CPU runs the BIOS
• The BIOS, in turn, loads a “small” OS executable
– From hard disk, CD-ROM, or whatever
– Then transfers control to a standard start address in this image
– The small version of the OS loads and starts the “big” version.
• The two stage mechanism is used so that BIOS won’t need to
understand the file system implemented by the “big” OS kernel
• File systems are complex data structures and different kernels
implement them in different ways
• The small version of the OS is stored in a small, special-purpose file
system that the BIOS does understand
What does the OS do?
• OS runs user programs, if available, else enters idle loop
• In the idle loop:
– OS executes an infinite loop (UNIX)
– OS performs some system management & profiling
– OS halts the processor and enter in low-power mode (notebooks)
– OS computes some function (DEC’s VMS on VAX computed Pi)
• OS wakes up on:
– interrupts from hardware devices
– traps from user programs
– exceptions from user programs
OS Control Flow
main()
From boot
Initialization
Interrupt
System call
Exception
Idle
Loop
Operating System Modules
RTI
Operating System Structure
• Simple Structure: MS-DOS
– Written to provide the most functionality in the least space
– Applications have direct
control of hardware
• Disadvantages:
– Not modular
– Inefficient
– Low protection or security
General OS Structure
App
App
App
API
File
Systems
Security
Module
Extensions &
Add’l device drivers
Memory
Manager
Process
Manager
Network
Support
Service
Module
Device
Drivers
Interrupt
handlers
Monolithic Structure
Boot &
init
Layered Structure
• OS divided into number of layers
– bottom layer (layer 0), is the hardware
– highest (layer N) is the user interface
– each uses functions and services of only lower-level layers
• Advantages:
– Simplicity of construction
– Ease of debugging
– Extensible
• Disadvantages:
– Defining the layers
– Each layer adds overhead
Layered Structure
App
App
App
API
File
Systems
Memory
Manager
Process
Manager
Network
Support
Object
Support
Machine dependent basic implementations
Hardware Adaptation Layer (HAL)
Extensions &
Device
Interrupt
Add’l device drivers
Drivers
handlers
Boot &
init
Microkernel Structure
• Moves as much from kernel into “user” space
• User modules communicate using message passing
• Benefits:
– Easier to extend a microkernel
– Easier to port the operating system to new architectures
– More reliable (less code is running in kernel mode)
– More secure
– Example: Mach, QNX
• Detriments:
– Performance overhead of user to kernel space communication
– Example: Evolution of Windows NT to Windows XP
Microkernel Structure
App
File
Systems
Memory
Manager
Process
Manager
App
Security
Module
Network
Support
Basic Message Passing Support
Extensions &
Add’l device drivers
Device
Drivers
Interrupt
handlers
Boot &
init
Modules
• Most modern OSs implement kernel modules
– Uses object-oriented approach
– Each core component is separate
– Each talks to the others over known interfaces
– Each is loadable as needed within the kernel
• Overall, similar to layers but with more flexible
• Examples: Solaris, Linux, MAC OS X
UNIX structure
Windows Structure
Modern UNIX Systems
MAC OS X
Virtual Machines
• Implements an observation that dates to Turing
– One computer can “emulate” another computer
– One OS can implement abstraction of a cluster of computers,
each running its own OS and applications
• Incredibly useful!
– System building
– Protection
• Cons
– implementation
• Examples
– VMWare, JVM
VMWare Structure
But is it real?
• Can the OS know whether this is a real
computer as opposed to a virtual
machine?
– It can try to perform a protected operation…
but a virtual machine monitor (VMM) could
trap those requests and emulate them
– It could measure timing very carefully… but
modern hardware runs at variable speeds
• Bottom line: you really can’t tell!
Modern version of this question
• Can the “spyware removal” program tell
whether it is running on the real computer,
or in a virtual machine environment
created just for it?
– Basically: no, it can’t!
• Vendors are adding “Trusted Computing
Base” (TCB) technologies to help
– Hardware that can’t be virtualized
– We’ll discuss it later in the course
Download