Chapter 21 PowerPoint

advertisement
Operating System Concepts
chapter 21
CS 355
Operating Systems
Dr. Matthew Wright
Linux History
• First written by Linus Torvalds, a Finnish student, in 1991.
– Version 0.01 did not support networking and ran only on 80386compatible Intel processors.
• Source code was made freely available online, and development has
involved collaboration of many individuals worldwide.
• Terminology:
– Linux kernel: original software developed by the Linux community
– Linux system: includes some original components and some borrowed
from other projects
– Linux distribution: includes the Linux system along with administrative
tools to simplify installation and maintenance
• Linux 1.0 released in 1994, included networking and a better file system.
• Linux 2.0 released in 1996, included support for multiple architectures,
including multiprocessors
• Latest stable version is 3.8, released April 17, 2013.
Linux Distributions
• How do you install Linux?
– Option 1: Download and compile the necessary components.
– Option 2: Choose a precompiled distribution of Linux.
• Hundreds of distributions are available, including:
– Ubuntu: www.ubuntu.com
– Linux Mint: www.linuxmint.com
– Fedora: www.fedoraproject.org
– Debian: www.debian.org
– OpenSUSE: www.opensuse.org/en/
– Arch Linux: www.archlinux.org
• Linux is highly compatible with UNIX and implements many of the same
standards.
Components of a Linux System
• The Linux system contains three main bodies of code:
– Kernel: maintains processes, virtual memory, protection, etc.
– System libraries: define a standard set of functions through which
applications can interact with the kernel
– System utilities: programs that perform specialized management
tasks, including daemons that handle tasks such as responding to
incoming network connections
• To improve performance, the kernel is created as a single program.
– Uses a single address space for all kernel code and data structures
– Minimizes context switches in kernel mode
Kernel Modules
• Linux kernel consists of modules, which can be loaded/unloaded on
demand.
– For example, a module might be a device driver, loaded when needed.
– Modules can be compiled invidually.
• Module support has three components:
– Module management: allows modules to be loaded into memory and
communicate with the rest of the kernel
– Kernel maintains a symbol table of addresses necessary for module
communication
– Driver registration: allows modules to tell the rest of the kernel that a
new driver has become available
– Kernel maintains tables of drivers
– Conflict-resolution mechanism: allows different device drivers to reserve
hardware resources and protect those resources from accidental use by
another driver
– Kernel maintains tables of devices
Process Management
• Linux implements the fork() and exec() process model.
• Process identity consists of the following items:
– Process ID (PID): unique identifier, used to specify the process to the
kernel
– Credentials: associated user and group IDs that determine the rights of
the process to access system resources and files
– Personality: the personality identifier can slightly modify the
semantics of system calls
• Process environment: argument vector lists the command-line
arguments used to run the program; environment vector stores
variables used to customize the operation of the process
• Process context: state of the running program; includes scheduling
context, accounting information, file table, file-system context, signalhandler table, and virtual memory context
Scheduling
• Linux has two process-scheduling algorithms.
• Time-sharing scheduler: provides fair, preemptive scheduling
– Each process has a numeric priority; lower numbers are higher priority and
receive larger time slices.
– A runnable task is eligible for execution as long as it has time remaining on its
time slice.
– When a task exhausts its time slice, it is considered expired and is not eligible
for execution again until all other runnable tasks are expired.
• Real-time scheduler: for real-time tasks
– The scheduler always runs the process with the highest priority.
– Multiple processes of the same priority are scheduled FCFS or round-robin.
Kernel Synchronization
• A request for kernel-mode execution can occur in two ways
– A running program may request an operating system service, either
explicitly via a system call, or implicitly, for example, when a page fault
occurs.
– A device driver may deliver a hardware interrupt that causes the CPU
to start executing a kernel-defined handler for that interrupt.
• Kernel synchronization requires a framework that will allow the kernel’s
critical sections to run without interruption by another critical section.
• Linux introduced a preemptive kernel in Version 2.6, so kernel tasks can
now be preempted.
– Linux provides semaphores for locking in the kernel.
– Multiprocessor machines use spinlocks for short durations; single
processor machines disable preemption instead.
Kernel Synchronization
• Interrupt service routines are separated into a top half and a bottom half:
– The top half is a normal interrupt service routine, and runs with interrupts of
lower priority disabled.
– The bottom half is then run, with all interrupts enabled, by a miniature
scheduler that ensures that bottom halves never interrupt themselves.
– This architecture is completed by a mechanism for disabling selected bottom
halves while executing normal, foreground kernel code.
• Each level may be interrupted by code running at a higher level, but will never
be interrupted by code running at the same or a lower level.
• User processes can
always be preempted
by another process
when a time-sharing
scheduling interrupt
occurs.
Memory Management
• The Linux kernel allocates memory to itself using the buddy system as
well as slab allocation.
• Virtual memory paging system allocates memory to processes.
• The pageout-policy algorithm decides which pages to write out to disk.
– Uses a modified version of the second-chance (clock) algorithm.
– Each page has an age that is adjusted on each pass of the clock.
– The age value allows the algorithm to select pages on a LRU policy.
• The paging mechanism actually carries out the transfer, and pages data
back into physical memory as needed:
– Supports paging both to dedicated swap partitions and to normal files.
– Uses a next-fit algorithm to write pages to contiguous disk blocks.
File Systems
• Linux uses UNIX’s standard file-system model.
– A file can be anything capable of handling input or output of a data
stream.
– Device drivers, network connections, etc. can appear as files.
– Implementation details are abstracted behind the virtual file system
(VFS) software layer.
• Linux VFS is designed using object-oriented principles.
– Inode object: represents an individual file (or directory)
– File object: represents an open file
– Superblock object: represents an entire file system
– Dentry object: represents an individual directory entry, cached for
speed
• Certain operations may be performed on these objects by system calls.
Input and Output
• In Linux, device drivers appear as normal files.
– Users open an access channel to a device in the same way they open
any other file.
– Devices are protected by the same permission system as files.
• Linux recognizes three classes of devices:
– Block devices: allow random access to independent, fixed-size blocks
of data (e.g. disks, CD-ROMs, flash memory)
– Character devices: sequential access, data not necessarily in blocks
– Network devices: users communicate with network devices through
the kernel’s network subsystem
• As of Version 2.6, the disk scheduler does not allow starvation.
Interprocess Communication
• Like UNIX, Linux informs processes that an event has occurred via signals.
– There is a limited number of signals, and they cannot carry information:
only the fact that a signal occurred is available to a process.
– The Linux kernel does not use signals to communicate with processes with
are running in kernel mode, rather, communication within the kernel is
accomplished via scheduling states and wait queue structures.
• Linux offers several mechanisms for passing data between processes:
– The pipe mechanism allows a child process to inherit a communication
channel to its parent, data written to one end of the pipe can be read a
the other.
– Shared memory offers an extremely fast way of communicating; any data
written by one process to a shared memory region can be read
immediately by any other process that has mapped that region into its
address space.
Network Structure
• Networking is a key area of functionality for Linux.
– It supports the standard Internet protocols for UNIX-to-UNIX
communications.
– It also implements protocols native to non-UNIX operating systems, in
particular, protocols used on PC networks, such as Appletalk and IPX.
• Networking in the Linux kernel is implemented by three software layers:
– Socket interface: works with network addresses for a variety of
network protocols
– Protocol drivers: implements creation and reassembly of packets,
routing between hosts, etc.
– Network device drivers: interface with specific devices
Security
• Linux’s security model is closely related to UNIX security mechanisms.
• Authentication: no one can access system without entry rights
– Uses a publically-readable password file to store encrypted passwords.
– Pluggable authentication modules (PAM): allows on-demand loading
of authentication modules that improve security
• Access control: no one can access objects within the system without
access rights
– Files, devices, and other objects share the same access-control system.
– Implemented through numeric identifiers for users (UID) and groups
(GID)
– Objects have a protection mask that specifies which access modes
(read, write, or execute) are granted to owner, group, and world.
Download