Unix system calls (part 1)

http://codeschool.org/
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

This is one part of a larger series. You may need to view previous parts to understand this material.

It's a Unix system!

1980's: System V, BSD
today: Linux, Mac OS X, FreeBSD, OpenBSD
POSIX (Portable Operating System Interface for Unix)
SUS (Single Unix Specification)

[figure: Process A, Process B and Process C share RAM with the kernel; a process enters the kernel by jumping to system call code via a special instruction]

[figure: the kernel's system call table, system call 0 through system call 7, each entry holding the address of the kernel code for that call]

[figure: one process's address space: code, heap and stack, with the kernel code pages only accessible in system calls; the stack holds the frames of main, cat, dog and fish, and above them the frame of the system call, which takes its stack space from the same stack]

process states: created, running, waiting, blocked, terminated

system calls cover:
• processes
• files
• networking sockets
• signals
• inter-process communication
• terminals
• threads
• I/O devices

example system call:

    ssize_t read(int fd, void *buf, size_t count);

(written in the slides in shorthand as read(fd))

a process has:
• an address space
• user ids
• file descriptors
• an environment
• a current and a root directory

address space regions:
    code
    initialized data: global variables with initial values
    uninitialized data: global variables without initial values
    heap: explicitly allocated during execution
    stack: starts empty, grows automatically
    kernel code: only accessible in system calls
code: a.k.a. the "text"

mmap ('memory map' pages to the process address space)
munmap ('memory unmap' pages from the process address space)

    address = mmap(5000)
    ...                   # do stuff with memory at address
    munmap(address)

mmap fails when not enough space

fork (create a new process that is a copy of the caller):

    if fork() == 0:
        ...               # new (child) process
    else:
        ...               # original (parent) process

[figure: fork copies the parent's whole address space, byte 0 through byte n of stack, heap and code, from RAM into the new process; both processes then continue running the same code]

exec:

    if fork() == 0:
        exec('/games/pong')   # new (child) process
    else:
        ...                   # original (parent) process

[figure: exec replaces the process's stack, heap and code with the code of an executable loaded from disk (HD)]

[figure: process tree: pid 1 (init) at the root, with descendants pid 17, pid 85, pid 230, pid 24, pid 104, pid 34 and pid 50]

_exit (terminate the process):

    _exit(0)

wait (block the process until child process terminates):

    pid = fork()
    if pid == 0:
        exec('/games/pong')   # new (child) process
    else:
        code = wait(pid)      # original (parent) process

environment: name=value pairs, e.g.

    TERM=xterm
    SHELL=/bin/bash
    USER=greys
    MAIL=/var/mail/ted
    PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
    PWD=/home/ted
    EDITOR=vim

[figure: the same process tree with owning users: pid 1 (init) user 0; pid 17, pid 34 and pid 50 user 4; pid 85 and pid 230 user 8; pid 24 and pid 104 user 33]

user accounts: /etc/passwd
superuser/root = user id 0, privileged to do anything it wants

each process has three user ids:
• "real" id: the owning user
• "effective" id: determines privileges
• "saved" id: set by exec to match the effective id

each file and directory is owned by a single user

exec (sets effective and saved ids when binary file has setuid bit)
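The mmap/munmap sequence above, as an added C example (not code from the codeschool.org deck): it maps anonymous pages into the address space, uses them, unmaps them with the same address and length, and checks the failure case the deck mentions, since mmap reports "not enough space" by returning MAP_FAILED rather than NULL. The function names and the 2^62-byte request are this example's own choices; it assumes Linux or another POSIX system with anonymous mappings.

```c
/* Added example (not from the codeschool.org deck): mmap/munmap of
 * anonymous pages with the failure case handled. POSIX/Linux.
 * Compile with: cc -std=gnu99 mmap_demo.c */
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS MAP_ANON   /* BSD / macOS spelling */
#endif

/* Map `nbytes` of zero-filled, private, anonymous memory (not backed by a
 * file). mmap signals failure with MAP_FAILED, not NULL, so this wrapper
 * normalises the result to NULL and callers test only one value. */
void *map_pages(size_t nbytes)
{
    void *p = mmap(NULL, nbytes, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p == MAP_FAILED ? NULL : p;
}

/* Fill a fresh mapping with 0, 1, ..., n-1, sum it, then unmap it.
 * Returns -1 if the mapping could not be created or released, otherwise
 * the sum n*(n-1)/2. */
long long mmap_sum(size_t n)
{
    size_t nbytes = n * sizeof(uint32_t);
    uint32_t *arr = map_pages(nbytes);
    if (arr == NULL) return -1;

    long long total = 0;
    for (size_t i = 0; i < n; i++) {
        arr[i] = (uint32_t)i;        /* each page is faulted in on first write */
        total += arr[i];
    }
    /* munmap takes back exactly the address and length mmap handed out */
    if (munmap(arr, nbytes) != 0) return -1;
    return total;
}

/* Ask for far more than any address space holds so mmap must fail.
 * Returns 1 if the failure was reported, 0 if the request went through. */
int mmap_failure_is_reported(void)
{
    size_t huge = (size_t)1 << 62;       /* constructed, deliberately absurd */
    void *p = map_pages(huge);
    if (p != NULL) { munmap(p, huge); return 0; }
    return 1;
}

int main(void)
{
    printf("sum of 0..9999 in mmap'd pages: %lld\n", mmap_sum(10000));
    printf("oversized mmap reported as failed: %d\n", mmap_failure_is_reported());
    return 0;
}
```

The check in `map_pages` is the part worth copying: code that tests an mmap result against NULL, as it would a malloc result, treats the failure value as a valid address and faults on the first access.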
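The fork/exec/_exit/wait pattern shown above, as an added C example (not code from the codeschool.org deck) that also folds in setuid, because the deck's login sequence (init forks and execs login, which forks, calls setuid, and execs the user's shell) is exactly this pattern with one extra call in the child. The function names, the KEEP_UID marker and the exit codes 126 and 127 are this example's own conventions; it assumes a POSIX system with /bin/sh.

```c
/* Added example (not code from the codeschool.org deck): the
 * fork / setuid / exec / wait sequence as login uses it to start a shell.
 * Linux/POSIX; compile with: cc -std=gnu99 spawn.c */
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define KEEP_UID ((uid_t)-1)   /* marker: do not change user ids */

/* Run `path` with `argv` in a child process, switching the child to `uid`
 * first unless uid == KEEP_UID. Returns the child's exit status; 126 if
 * the id change failed or could be undone; 127 if exec failed; -1 if no
 * child could be created or it was killed by a signal. */
int spawn_and_wait(const char *path, char *const argv[], uid_t uid)
{
    pid_t pid = fork();
    if (pid < 0) return -1;                 /* fork failed: no child exists */

    if (pid == 0) {
        /* child: a copy of the parent's address space running this code */
        if (uid != KEEP_UID) {
            /* setuid() sets real, effective and saved ids together. For root
             * that is irrevocable; a non-superuser may only pick an id that
             * already equals its real or saved id. */
            if (setuid(uid) != 0) _exit(126);
            /* verify the drop: regaining uid 0 must now be refused */
            if (uid != 0 && seteuid(0) == 0) _exit(126);
        }
        execv(path, argv);                  /* replaces code, heap and stack */
        _exit(127);                         /* only reached when exec failed */
    }

    /* parent: block until this particular child terminates */
    int status;
    if (waitpid(pid, &status, 0) != pid) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Convenience wrappers so callers need not build argv arrays by hand. */
int run_shell_command(const char *cmd, uid_t uid)
{
    char *argv[] = { "sh", "-c", (char *)cmd, NULL };
    return spawn_and_wait("/bin/sh", argv, uid);
}

int run_program(const char *path, uid_t uid)
{
    char *argv[] = { (char *)path, NULL };
    return spawn_and_wait(path, argv, uid);
}

int main(void)
{
    printf("sh -c 'exit 3' -> %d\n", run_shell_command("exit 3", KEEP_UID));
    printf("id -u as real uid %u -> %d\n", (unsigned)getuid(),
           run_shell_command("id -u", getuid()));
    printf("missing program -> %d\n", run_program("/no/such/program", KEEP_UID));
    return 0;
}
```

Two details matter for a program that drops privileges this way: the id change happens in the child, after fork and before exec, so the parent keeps its own ids; and the result of setuid is checked and the drop is verified, because a setuid call that fails silently leaves the exec'd program running with the privileges it was meant to lose.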
seteuid (sets effective user id)
setuid (sets real, effective, and saved user ids)

non-superuser can only directly set effective id to match the real or saved id

[figure: how a login shell is started: pid 1 (init), user 0 --fork, exec--> pid 2 (login), user 0 --fork, setuid, exec--> pid 3 (shell), user 1780]

user groups: /etc/group
• user may belong to multiple groups but has one "primary" group
• each file and directory is owned by one group
• each process has a real, effective, and saved group id
• binary files have setgid bit
• setegid and setgid

permission bits: rwx rwx rwx (user, group, other)

which class applies:

    if file_user_id == effective_user_id:
        user class
    else if file_group_id == effective_group_id:
        group class
    else:
        other class

file permissions:
    read: can read bytes of file
    write: can modify bytes of file
    execute: can exec file

directory permissions:
    read: can get names of files
    write: can add/remove/rename files
    execute: can use in file paths

example path: /adams/taft/garfield/eisenhower
    /adams/taft/ (OK)

exercise (permissions given as user, group, other, listed in slide order):

    r-xr-xr-x    /adams/lincoln
    rw-r-----    /adams/cleveland
    r-x--x--x    /roosevelt
    rwx------    /fillmore

    dr-xrw-r-x   /adams/
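The class-selection rule and the directory rule ("execute: can use in file paths") above, as an added C example (not code from the codeschool.org deck). It evaluates both rules over a small constructed in-memory tree rather than a real file system; the owner ids and most of the modes are made up for the example, with the /adams entry mirroring the slide's dr-xrw-r-x. It deliberately models only the deck's rule, so it does not give uid 0 the blanket access a real kernel does.

```c
/* Added example (not code from the codeschool.org deck): user/group/other
 * class selection plus the path-walk rule, over a constructed tree.
 * Compile with: cc -std=c99 perms.c */
#include <stdio.h>
#include <string.h>

enum { PERM_R = 4, PERM_W = 2, PERM_X = 1 };   /* one class's rwx bits */

typedef struct {
    const char *path;   /* absolute path, no trailing slash */
    int is_dir;
    unsigned uid, gid;  /* owning user and group */
    const char *mode;   /* nine chars: user rwx, group rwx, other rwx */
} node_t;

/* Constructed sample tree; ids and modes are hypothetical. */
static const node_t tree[] = {
    { "/",                1, 0,  0,  "r-xr-xr-x" },
    { "/adams",           1, 4,  4,  "r-xrw-r-x" },   /* the slide's dr-xrw-r-x */
    { "/adams/taft",      1, 4,  4,  "rwx--x---" },
    { "/adams/lincoln",   0, 4,  4,  "r-xr-xr-x" },
    { "/adams/cleveland", 0, 8,  8,  "rw-r-----" },
    { "/roosevelt",       0, 33, 33, "r-x--x--x" },
    { "/fillmore",        0, 0,  0,  "rwx------" },
};

static const node_t *lookup(const char *path)
{
    for (size_t i = 0; i < sizeof tree / sizeof tree[0]; i++)
        if (strcmp(tree[i].path, path) == 0) return &tree[i];
    return NULL;
}

/* The deck's rule: user class if the owner matches the effective uid, else
 * group class if the group matches the effective gid, else other. Only the
 * first matching class counts, so an owner gets the user bits even when the
 * group bits would be more generous. Returns that class's PERM_* bits. */
int class_bits(const node_t *n, unsigned euid, unsigned egid)
{
    const char *m = n->mode;
    if (n->uid == euid)      m += 0;   /* user class */
    else if (n->gid == egid) m += 3;   /* group class */
    else                     m += 6;   /* other class */
    return (m[0] == 'r' ? PERM_R : 0) | (m[1] == 'w' ? PERM_W : 0) |
           (m[2] == 'x' ? PERM_X : 0);
}

/* May (euid, egid) use `path` with the bits in `want`? Every directory on
 * the way, root included, must grant execute; the final node must grant
 * `want`. Returns 1 if allowed, 0 if denied or the path does not exist. */
int can_access(const char *path, unsigned euid, unsigned egid, int want)
{
    char buf[256];
    size_t len = strlen(path);
    if (path[0] != '/' || len >= sizeof buf) return 0;
    strcpy(buf, path);
    if (len > 1 && buf[len - 1] == '/') buf[len - 1] = '\0';  /* "/adams/taft/" */

    const node_t *root = lookup("/");
    if (root == NULL || !(class_bits(root, euid, egid) & PERM_X)) return 0;

    /* check each intermediate directory: "/adams", "/adams/taft", ... */
    for (char *p = buf + 1; *p; p++) {
        if (*p != '/') continue;
        *p = '\0';
        const node_t *dir = lookup(buf);
        *p = '/';
        if (dir == NULL || !dir->is_dir || !(class_bits(dir, euid, egid) & PERM_X))
            return 0;
    }

    const node_t *leaf = lookup(buf);
    if (leaf == NULL) return 0;
    return (class_bits(leaf, euid, egid) & want) == want;
}

int main(void)
{
    printf("uid 33 read /adams/lincoln: %d\n", can_access("/adams/lincoln", 33, 33, PERM_R));
    printf("gid 4 member read /adams/lincoln: %d (group has rw- but no x on /adams)\n",
           can_access("/adams/lincoln", 8, 4, PERM_R));
    printf("uid 4 read /adams/cleveland: %d\n", can_access("/adams/cleveland", 4, 4, PERM_R));
    printf("uid 4 enter /adams/taft/: %d\n", can_access("/adams/taft/", 4, 4, PERM_X));
    return 0;
}
```

The second printed case is the one the slide's dr-xrw-r-x directory is meant to provoke: a member of group 4 gets read and write on /adams but no execute, so the directory cannot be used in a path and nothing beneath it is reachable, while "other" users, who only have r-x, can pass through it.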