Windows 2000 System Mechanisms Computing Department, Lancaster University, UK.

Slides:



Advertisements
Similar presentations
Processes and Threads Chapter 3 and 4 Operating Systems: Internals and Design Principles, 6/E William Stallings Patricia Roy Manatee Community College,
Advertisements

计算机系 信息处理实验室 Lecture 3 System Mechanisms (1)
The Kernel Abstraction. Challenge: Protection How do we execute code with restricted privileges? – Either because the code is buggy or if it might be.
Architectural Support for OS March 29, 2000 Instructor: Gary Kimura Slides courtesy of Hank Levy.
Architectural Support for Operating Systems. Announcements Most office hours are finalized Assignments up every Wednesday, due next week CS 415 section.
Introduction to Operating Systems – Windows process and thread management In this lecture we will cover Threads and processes in Windows Thread priority.
1 Process Description and Control Chapter 3. 2 Process Management—Fundamental task of an OS The OS is responsible for: Allocation of resources to processes.
Home: Phones OFF Please Unix Kernel Parminder Singh Kang Home:
OS Spring’03 Introduction Operating Systems Spring 2003.
Advanced OS Chapter 3p2 Sections 3.4 / 3.5. Interrupts These enable software to respond to signals from hardware. The set of instructions to be executed.
Computer System Structures memory memory controller disk controller disk controller printer controller printer controller tape-drive controller tape-drive.
Threads CS 416: Operating Systems Design, Spring 2001 Department of Computer Science Rutgers University
What do operating systems do? manage processes manage memory and computer resources provide security features execute user programs make solving user.
Chapter 13: I/O Systems I/O Hardware Application I/O Interface
1 CSC 2405: Computer Systems II Spring 2012 Dr. Tom Way.
Introduction to Embedded Systems
Interrupts. What Are Interrupts? Interrupts alter a program’s flow of control  Behavior is similar to a procedure call »Some significant differences.
Protection and the Kernel: Mode, Space, and Context.
1 Computer System Overview Chapter 1. 2 n An Operating System makes the computing power available to users by controlling the hardware n Let us review.
OS provide a user-friendly environment and manage resources of the computer system. Operating systems manage: –Processes –Memory –Storage –I/O subsystem.
Windows NT and Real-Time? Reading: “Inside Microsoft Windows 2000”, (Solomon, Russinovich, Microsoft Programming Series) “Real-Time Systems and Microsoft.
Contact Information Office: 225 Neville Hall Office Hours: Monday and Wednesday 12:00-1:00 and by appointment.
Recall: Three I/O Methods Synchronous: Wait for I/O operation to complete. Asynchronous: Post I/O request and switch to other work. DMA (Direct Memory.
Operating Systems ECE344 Ashvin Goel ECE University of Toronto OS-Related Hardware.
Windows 2000 Course Summary Computing Department, Lancaster University, UK.
The Functions of Operating Systems Interrupts. Learning Objectives Explain how interrupts are used to obtain processor time. Explain how processing of.
Lecture 3 Process Concepts. What is a Process? A process is the dynamic execution context of an executing program. Several processes may run concurrently,
CE Operating Systems Lecture 11 Windows – Object manager and process management.
NT Kernel CS Spring Overview Interrupts and Exceptions: Trap Handler Interrupt Request Levels and IRT DPC’s, and APC’s System Service Dispatching.
Interrupt driven I/O. MIPS RISC Exception Mechanism The processor operates in The processor operates in user mode user mode kernel mode kernel mode Access.
1 CSE451 Architectural Supports for Operating Systems Autumn 2002 Gary Kimura Lecture #2 October 2, 2002.
Lecture Topics: 10/29 Architectural support for operating systems –timers –kernel mode –system calls –protected instructions.
We will focus on operating system concepts What does it do? How is it implemented? Apply to Windows, Linux, Unix, Solaris, Mac OS X. Will discuss differences.
CE Operating Systems Lecture 2 Low level hardware support for operating systems.
Operating Systems 1 K. Salah Module 1.2: Fundamental Concepts Interrupts System Calls.
System Components ● There are three main protected modules of the System  The Hardware Abstraction Layer ● A virtual machine to configure all devices.
Silberschatz, Galvin and Gagne  Applied Operating System Concepts Chapter 2: Computer-System Structures Computer System Architecture and Operation.
CE Operating Systems Lecture 2 Low level hardware support for operating systems.
Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Unit OS3: Concurrency 3.3. Advanced Windows Synchronization.
Interrupt driven I/O Computer Organization and Assembly Language: Module 12.
1 Process Description and Control Chapter 3. 2 Process A program in execution An instance of a program running on a computer The entity that can be assigned.
Time Management.  Time management is concerned with OS facilities and services which measure real time.  These services include:  Keeping track of.
Interrupts and Exception Handling. Execution We are quite aware of the Fetch, Execute process of the control unit of the CPU –Fetch and instruction as.
Embedded Real-Time Systems Processing interrupts Lecturer Department University.
1.1 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Chapter 1: Introduction What Operating Systems Do √ Computer-System Organization.
Introduction to Operating Systems Concepts
CS 3214 Computer Systems Lecture 9 Godmar Back.
Interrupts and exceptions
Processes and threads.
Process concept.
Microprocessor Systems Design I
Protection and OS Structure
CS 6560: Operating Systems Design
Anton Burtsev February, 2017
Overview of today’s lecture
Structure of Processes
Chapter 3: Windows7 Part 2.
Processor Fundamentals
Chapter 3: Windows7 Part 2.
Process Description and Control
Architectural Support for OS
Process Control B.Ramamurthy 2/22/2019 B.Ramamurthy.
CSE 451: Operating Systems Autumn 2003 Lecture 2 Architectural Support for Operating Systems Hank Levy 596 Allen Center 1.
Process Description and Control
CSE 451: Operating Systems Autumn 2001 Lecture 2 Architectural Support for Operating Systems Brian Bershad 310 Sieg Hall 1.
Interrupt handling Explain how interrupts are used to obtain processor time and how processing of interrupted jobs may later be resumed, (typical.
Unix Process Control B.Ramamurthy 4/11/2019 B.Ramamurthy.
CSE 451: Operating Systems Winter 2003 Lecture 2 Architectural Support for Operating Systems Hank Levy 412 Sieg Hall 1.
Architectural Support for OS
Contact Information Office: 225 Neville Hall Office Hours: Monday and Wednesday 12:00-1:00 and by appointment. Phone:
Presentation transcript:

Windows 2000 System Mechanisms Computing Department, Lancaster University, UK

Overview Goals Goals –Introduce concept of objects and handles –Look at trap and interrupt dispatching –Examine software and hardware interrupt processing

Processes, Objects and Handles

Introduction to Objects (1) What are objects? What are objects? –Single, run-time instance of a statically defined object type –Object type comprises System-defined data type System-defined data type Function that operates on instances of the data type Function that operates on instances of the data type Set of object attributes Set of object attributes –E.g. process is an instance of the process object type, file is an instance of the file object type, etc. Objects vs. Data Structures Objects vs. Data Structures –Internal structure of an object is hidden! –Must call object service to read/write data

Introduction to Objects (2) Objects help accomplish the following tasks: Objects help accomplish the following tasks: –Providing human-readable names for resources –Sharing resources/data among processes –Protecting resources from unauthorised access –Reference tracking (to de-allocate unused objects) Data that needs to be shared, protected, named or visible to user-mode programs is placed in objects Data that needs to be shared, protected, named or visible to user-mode programs is placed in objects Handles are references to an instance of an object Handles are references to an instance of an object Object Manager responsible for creating, deleting, protecting and tracking objects Object Manager responsible for creating, deleting, protecting and tracking objects

Objects and Handles (1) Three types of Win32 objects (therefore, handles) Three types of Win32 objects (therefore, handles) –Win32 “kernel objects” (events, mutexes, files, processes, threads) Objects managed by “Object Manager” Objects managed by “Object Manager” Handle values are private to each process Handle values are private to each process –Win32 “GDI objects” (pens, brushes, fonts) Managed by Win32 subsystem Managed by Win32 subsystem Handle values are valid system-wide Handle values are valid system-wide –Win32 “User objects” (windows, menus) Objects managed by Win32 subsystem Objects managed by Win32 subsystem Handle values are valid system-wide Handle values are valid system-wide

Objects and Handles (2) Many Win32 APIs take arguments that are handles to system-defined data structures, or “objects” Many Win32 APIs take arguments that are handles to system-defined data structures, or “objects” –App calls CreateXxx, which creates an object and returns a handle to it –Apps then uses the handle value in API calls that operate on that object Referencing object by handle is faster (avoids name lookup) Referencing object by handle is faster (avoids name lookup) Processes can also inherit handles Processes can also inherit handles Object handle is an index into a process-specific handle table Object handle is an index into a process-specific handle table

Handles, Pointers and Objects Handle to a kernel object is an index into the process handle table (invalid in other processes) Handle to a kernel object is an index into the process handle table (invalid in other processes) Handle table entry contains the system-space address of the data structure Handle table entry contains the system-space address of the data structure Although handle table is per- process, it is actually in system address space (hence protected) Although handle table is per- process, it is actually in system address space (hence protected) Process A Process B Handle Table handles index System Space HandleCount = 1 ReferenceCount = 1 Event Object

Handles and Reference Counts Process A Process B Handle Table handles index System Space HandleCount = 2 ReferenceCount = 3 Event Object HandleCount = 1 ReferenceCount = 1 Other Structure Event Object Duplicate Handle

Handles and Security Process handle table Process handle table –Unique for each process –In system address space, hence cannot be modified from user mode (therefore, trusted) Security checks are made when handle table entry is created Security checks are made when handle table entry is created –When CreateXxx called –Handle table entry indicates the “validated” access rights to the object Read, Write, Delete Read, Write, Delete

Looking at Open Handles HandleEx available from HandleEx available from

Object Manager Executive component for managing system- defined “objects” Executive component for managing system- defined “objects” –Objects are data structures with optional names –Object manager implements user-mode handles and process handle table Object manager functionality: Object manager functionality: –Provides uniform naming, sharing and protection scheme Simplifies C2 security – centralises object protection Simplifies C2 security – centralises object protection –Maintains counts of handles/references to each object Object cannot be freed until all handles/references are gone Object cannot be freed until all handles/references are gone

WinObj WinObj available from WinObj available from

Kernel Mode Programming Environment

Invoking Kernel-Mode Routines Code is run in kernel mode for one of three reasons: Code is run in kernel mode for one of three reasons: –Requests from user mode Via system service dispatch mechanism Via system service dispatch mechanism –Interrupts from external devices Interrupts are handled in kernel mode Interrupts are handled in kernel mode Win 2000 interrupt dispatcher invokes interrupt service routine (ISR) Win 2000 interrupt dispatcher invokes interrupt service routine (ISR) –Dedicated kernel-mode threads Some threads in the system stay in kernel mode at all times (mostly in the “System” process) Some threads in the system stay in kernel mode at all times (mostly in the “System” process)

Trap Dispatching Interrupts and exceptions divert the processor to code outside normal flow of control Interrupts and exceptions divert the processor to code outside normal flow of control Can be detected by hardware or software Can be detected by hardware or software Trap Trap –Mechanism for catching an executing thread –Transferring control to a fixed location in the OS Windows 2000 Windows 2000 –Processor transfers control to a trap handler “front- end” Then transfers control to other functions to field the trap Then transfers control to other functions to field the trap E.g device interrupt – transfers control to ISR provided by device driver E.g device interrupt – transfers control to ISR provided by device driver

Trap Dispatching (2) Interrupt service routines System Services Exception Handlers Virtual memory manger’s pager Interrupt Hardware/Software Exceptions System service call Virtual Address Exceptions Exception Dispatcher Trap Handlers

Interrupts and Exceptions Interrupt Interrupt –Asynchronous (can occur at any time) –Generated by I/O devices, processor clocks, timers etc. Exception Exception –Synchronous –Results from execution of a particular instruction –Examples Memory Access Violation, Divide By Zero Memory Access Violation, Divide By Zero Both can be generated by Hardware & Software Both can be generated by Hardware & Software –Exceptions: Bus Error, Divide-by-Zero –Interrupts: I/O Device, Software Interrupts (DPCs) When interrupt/exception generated When interrupt/exception generated –Processor records enough state to return to the current point and continue execution later

Interrupt Dispatching (1) Interrupts allow OS to maximise CPU usage Interrupts allow OS to maximise CPU usage –Thread starting I/O transfer to/from device Can continue useful work whilst the device completes the transfer Can continue useful work whilst the device completes the transfer Device interrupts processor when it needs service Device interrupts processor when it needs service Mice, Printers, Keyboards, Disk Drives are all typically interrupt driven Mice, Printers, Keyboards, Disk Drives are all typically interrupt driven Device drivers supports ISRs to service device interrupts Device drivers supports ISRs to service device interrupts Kernel provides interrupt handling for other types Kernel provides interrupt handling for other types

Interrupt Dispatching (2) Tell device to stop interrupting Interrogate device state, start next operation on device Request a DPC Return to caller Disable Interrupts Record machine state to allow resume Mask equal- and lower- IRQL interrupts Find and call appropriate ISR Dismiss interrupt Restore machine state (include mode and enabled interrupts) Disable Interrupts Record machine state to allow resume Mask equal- and lower- IRQL interrupts Find and call appropriate ISR Dismiss interrupt Restore machine state (include mode and enabled interrupts) Interrupt Dispatch Routine Interrupt Service Routine Kernel mode Interrupt ! User/kernel mode code

Interrupt Precedence via IRQLs Windows 2000 has its own interrupt priority scheme Windows 2000 has its own interrupt priority scheme –IRQL = Interrupt Request Level (0 to 31) Different interrupt sources have different IRQLs (not equal to IRQs!) Different interrupt sources have different IRQLs (not equal to IRQs!) Interrupts serviced in priority order Interrupts serviced in priority order –High priority interrupt pre-empts lower-priority interrupt Servicing an interrupt raises processor IRQL to that interrupt’s IRQL Servicing an interrupt raises processor IRQL to that interrupt’s IRQL –Masks off subsequent interrupts at equal/lower IRQLs High Power Fail Inter-processor Interrupt Clock Dispatch/DPC Device n Device 1 APC Passive Hardware Interrupts Software Interrupts Normal Thread Execution

Software Interrupts Windows 2000 can also generate interrupts itself! Windows 2000 can also generate interrupts itself! Whilst code is running at elevated IRQL, nothing else can execute on the same CPU at that or any lower IRQL Whilst code is running at elevated IRQL, nothing else can execute on the same CPU at that or any lower IRQL –Potentially can make the system less responsive to time- critical events –Windows 2000 avoids this situation by executing as much code as it can at the lowest possible IRQL Deferred Procedure Calls (DPCs) Deferred Procedure Calls (DPCs) –Used to defer processing from higher (device) interrupt level to a lower (dispatch) level –DPC used to schedule non-immediate code, e.g. I/O drivers queue DPCs to complete I/O I/O drivers queue DPCs to complete I/O –DPCs are serviced once IRQL reaches dispatch level

Hardware Interrupt Processing (x86) Device raises interrupt on interrupt controller Device raises interrupt on interrupt controller Interrupt controller in turn interrupts CPU on single line Interrupt controller in turn interrupts CPU on single line CPU queries interrupt controller for IRQ (interrupt request) CPU queries interrupt controller for IRQ (interrupt request) Assume current IRQL is < (IRQ mapped to appropriate IRQL) Assume current IRQL is < (IRQ mapped to appropriate IRQL) Trap Handler called Trap Handler called Trap Handler saves context (including current IRQL), disables interrupts, enters interrupt dispatcher Trap Handler saves context (including current IRQL), disables interrupts, enters interrupt dispatcher

Hardware Interrupt Processing (x86) Interrupt Dispatcher raises current IRQL to new IRQL and enables interrupts Interrupt Dispatcher raises current IRQL to new IRQL and enables interrupts IRQ mapped to interrupt number in Interrupt Dispatch Table (IDT) IRQ mapped to interrupt number in Interrupt Dispatch Table (IDT) –Interrupt Dispatch (IDT) used to transfer control to the appropriate interrupt dispatch routine –IDT lists pointers to kernel routines for each interrupt Appropriate interrupt routine called Appropriate interrupt routine called On exit from interrupt routine, IRQL is returned to the original value prior to the interrupt and context is reloaded On exit from interrupt routine, IRQL is returned to the original value prior to the interrupt and context is reloaded