Operating System Concepts chapter 21 CS 355 Operating Systems Dr. Matthew Wright Linux History • First written by Linus Torvalds, a Finnish student, in 1991. – Version 0.01 did not support networking and ran only on 80386compatible Intel processors. • Source code was made freely available online, and development has involved collaboration of many individuals worldwide. • Terminology: – Linux kernel: original software developed by the Linux community – Linux system: includes some original components and some borrowed from other projects – Linux distribution: includes the Linux system along with administrative tools to simplify installation and maintenance • Linux 1.0 released in 1994, included networking and a better file system. • Linux 2.0 released in 1996, included support for multiple architectures, including multiprocessors • Latest stable version is 3.8, released April 17, 2013. Linux Distributions • How do you install Linux? – Option 1: Download and compile the necessary components. – Option 2: Choose a precompiled distribution of Linux. • Hundreds of distributions are available, including: – Ubuntu: www.ubuntu.com – Linux Mint: www.linuxmint.com – Fedora: www.fedoraproject.org – Debian: www.debian.org – OpenSUSE: www.opensuse.org/en/ – Arch Linux: www.archlinux.org • Linux is highly compatible with UNIX and implements many of the same standards. Components of a Linux System • The Linux system contains three main bodies of code: – Kernel: maintains processes, virtual memory, protection, etc. – System libraries: define a standard set of functions through which applications can interact with the kernel – System utilities: programs that perform specialized management tasks, including daemons that handle tasks such as responding to incoming network connections • To improve performance, the kernel is created as a single program. – Uses a single address space for all kernel code and data structures – Minimizes context switches in kernel mode Kernel Modules • Linux kernel consists of modules, which can be loaded/unloaded on demand. – For example, a module might be a device driver, loaded when needed. – Modules can be compiled invidually. • Module support has three components: – Module management: allows modules to be loaded into memory and communicate with the rest of the kernel – Kernel maintains a symbol table of addresses necessary for module communication – Driver registration: allows modules to tell the rest of the kernel that a new driver has become available – Kernel maintains tables of drivers – Conflict-resolution mechanism: allows different device drivers to reserve hardware resources and protect those resources from accidental use by another driver – Kernel maintains tables of devices Process Management • Linux implements the fork() and exec() process model. • Process identity consists of the following items: – Process ID (PID): unique identifier, used to specify the process to the kernel – Credentials: associated user and group IDs that determine the rights of the process to access system resources and files – Personality: the personality identifier can slightly modify the semantics of system calls • Process environment: argument vector lists the command-line arguments used to run the program; environment vector stores variables used to customize the operation of the process • Process context: state of the running program; includes scheduling context, accounting information, file table, file-system context, signalhandler table, and virtual memory context Scheduling • Linux has two process-scheduling algorithms. • Time-sharing scheduler: provides fair, preemptive scheduling – Each process has a numeric priority; lower numbers are higher priority and receive larger time slices. – A runnable task is eligible for execution as long as it has time remaining on its time slice. – When a task exhausts its time slice, it is considered expired and is not eligible for execution again until all other runnable tasks are expired. • Real-time scheduler: for real-time tasks – The scheduler always runs the process with the highest priority. – Multiple processes of the same priority are scheduled FCFS or round-robin. Kernel Synchronization • A request for kernel-mode execution can occur in two ways – A running program may request an operating system service, either explicitly via a system call, or implicitly, for example, when a page fault occurs. – A device driver may deliver a hardware interrupt that causes the CPU to start executing a kernel-defined handler for that interrupt. • Kernel synchronization requires a framework that will allow the kernel’s critical sections to run without interruption by another critical section. • Linux introduced a preemptive kernel in Version 2.6, so kernel tasks can now be preempted. – Linux provides semaphores for locking in the kernel. – Multiprocessor machines use spinlocks for short durations; single processor machines disable preemption instead. Kernel Synchronization • Interrupt service routines are separated into a top half and a bottom half: – The top half is a normal interrupt service routine, and runs with interrupts of lower priority disabled. – The bottom half is then run, with all interrupts enabled, by a miniature scheduler that ensures that bottom halves never interrupt themselves. – This architecture is completed by a mechanism for disabling selected bottom halves while executing normal, foreground kernel code. • Each level may be interrupted by code running at a higher level, but will never be interrupted by code running at the same or a lower level. • User processes can always be preempted by another process when a time-sharing scheduling interrupt occurs. Memory Management • The Linux kernel allocates memory to itself using the buddy system as well as slab allocation. • Virtual memory paging system allocates memory to processes. • The pageout-policy algorithm decides which pages to write out to disk. – Uses a modified version of the second-chance (clock) algorithm. – Each page has an age that is adjusted on each pass of the clock. – The age value allows the algorithm to select pages on a LRU policy. • The paging mechanism actually carries out the transfer, and pages data back into physical memory as needed: – Supports paging both to dedicated swap partitions and to normal files. – Uses a next-fit algorithm to write pages to contiguous disk blocks. File Systems • Linux uses UNIX’s standard file-system model. – A file can be anything capable of handling input or output of a data stream. – Device drivers, network connections, etc. can appear as files. – Implementation details are abstracted behind the virtual file system (VFS) software layer. • Linux VFS is designed using object-oriented principles. – Inode object: represents an individual file (or directory) – File object: represents an open file – Superblock object: represents an entire file system – Dentry object: represents an individual directory entry, cached for speed • Certain operations may be performed on these objects by system calls. Input and Output • In Linux, device drivers appear as normal files. – Users open an access channel to a device in the same way they open any other file. – Devices are protected by the same permission system as files. • Linux recognizes three classes of devices: – Block devices: allow random access to independent, fixed-size blocks of data (e.g. disks, CD-ROMs, flash memory) – Character devices: sequential access, data not necessarily in blocks – Network devices: users communicate with network devices through the kernel’s network subsystem • As of Version 2.6, the disk scheduler does not allow starvation. Interprocess Communication • Like UNIX, Linux informs processes that an event has occurred via signals. – There is a limited number of signals, and they cannot carry information: only the fact that a signal occurred is available to a process. – The Linux kernel does not use signals to communicate with processes with are running in kernel mode, rather, communication within the kernel is accomplished via scheduling states and wait queue structures. • Linux offers several mechanisms for passing data between processes: – The pipe mechanism allows a child process to inherit a communication channel to its parent, data written to one end of the pipe can be read a the other. – Shared memory offers an extremely fast way of communicating; any data written by one process to a shared memory region can be read immediately by any other process that has mapped that region into its address space. Network Structure • Networking is a key area of functionality for Linux. – It supports the standard Internet protocols for UNIX-to-UNIX communications. – It also implements protocols native to non-UNIX operating systems, in particular, protocols used on PC networks, such as Appletalk and IPX. • Networking in the Linux kernel is implemented by three software layers: – Socket interface: works with network addresses for a variety of network protocols – Protocol drivers: implements creation and reassembly of packets, routing between hosts, etc. – Network device drivers: interface with specific devices Security • Linux’s security model is closely related to UNIX security mechanisms. • Authentication: no one can access system without entry rights – Uses a publically-readable password file to store encrypted passwords. – Pluggable authentication modules (PAM): allows on-demand loading of authentication modules that improve security • Access control: no one can access objects within the system without access rights – Files, devices, and other objects share the same access-control system. – Implemented through numeric identifiers for users (UID) and groups (GID) – Objects have a protection mask that specifies which access modes (read, write, or execute) are granted to owner, group, and world.