Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Operating Systems Lesson 5: Shared Objects.

Published byClifford Truesdell Modified over 9 years ago

Similar presentations

Presentation on theme: "Secure Operating Systems Lesson 5: Shared Objects."— Presentation transcript:

1 Secure Operating Systems Lesson 5: Shared Objects

2 Where are we?  We have got more of the fundamental security structures of our OS in our heads  But now we have to face a real challenge: shared objects

3 The OS doesn’t HAVE TO…  I’ve used that heading before, but it’s true  There’s no requirement for our OS to support sharing between users and processes… but it sure comes in handy  Once again, we have a tension between performance and security

4 Two Parts of the Problem  Sharing actual information  Synchronizing between threads and/or processes

5 Peterson’s Solution  Two shared variables: int turn; boolean flag[2]  Code: flag[i] = TRUE; turn = j; while (flag[j] && turn == j); // Do Critical Section flag[i] = FALSE;

6 Peterson’s Solution II PROCESS 0  flag[0] = TRUE; turn = 1; while(flag[1] && turn == 1); // Critical Section flag[0] = FALSE; PROCESS 1  flag[1] = TRUE; turn = 0; while(flag[0] && turn == 0); // Critical Section flag[1] = FALSE;

7 Hardware Support  The challenge of disabling interrupts is that it’s expensive  Many OS provide a hardware “test and set” instruction, which allows atomic access to a chunk of memory  Swap: void Swap(boolean *a, boolean *b) { boolean temp = *a; *a = *b; *b = temp; }

8 Implemented as…  do { key = TRUE; while (key == TRUE) swap(&lock, &key); // Critical Section lock = FALSE; } while (TRUE);  Mutual-exclusion with Swap…

9 Semaphores  wait(S) { while (S <= 0); //nop S--; }  signal(S) { S++; }  This really looks like a spinlock…

10 Semaphores  wait(semaphore *S) { S->value--; if (S->value list; block(); // SLEEP } } // This will halt until we own the semaphore

11 Deadlocks  P0 wait(S); wait(Q); … signal(S); signal(Q);  P1 wait(Q); wait(S); … signal(Q); signal(S);

12 Priority Inversion  Imagine we have three procii, L, M and H, where L is Low Priority, M, medium, and H, High  L is holding a resource which is blocking H, but gets swapped out for M  This is known as Priority Inversion… and it’s a real problem!  Probably we should talk about different scheduling approaches

13 Mars Sojourner  Long running, medium priority Comms task  Low priority weather task  High priority information bus thread  Low priority wx task acquires a mutex for the bus… gets interrupted by the Comms task (long running), blocking the high priority bus thread… tada! Priority Inversion  Can be a security issue too! Can be solved by priority inheritance

14 Atomicity  Making sure something is atomic is pretty easy on a single core system  On a more complex system it can get REALLY hard  One approach is transactional memory – move the problem to the memory not the programmer  None of this has even touched on how we SHARE information between processes…

15 Race Conditions  Poor synchronization can lead to race conditions – a subset of which is called TOCTOU  Race conditions arise from interdependence that is unrealized or incorrectly implemented

16 Things to Do  Read “An Investigation of the Therac-25 Accidents”, Nancy Leveson, Clark S. Turner

17 Questions & Comments  What do you want to know?

Download ppt "Secure Operating Systems Lesson 5: Shared Objects."

Similar presentations

Operating Systems Semaphores II

Operating Systems Semaphores II
1 Interprocess Communication 1. Ways of passing information 2. Guarded critical activities (e.g. updating shared data) 3. Proper sequencing in case of.

1 Interprocess Communication 1. Ways of passing information 2. Guarded critical activities (e.g. updating shared data) 3. Proper sequencing in case of.
Chapter 5 Concurrency: Mutual Exclusion and Synchronization Operating Systems: Internals and Design Principles, 6/E William Stallings Patricia Roy Manatee.

Chapter 5 Concurrency: Mutual Exclusion and Synchronization Operating Systems: Internals and Design Principles, 6/E William Stallings Patricia Roy Manatee.
Operating Systems Part III: Process Management (Process Synchronization)

Operating Systems Part III: Process Management (Process Synchronization)
Ch. 7 Process Synchronization (1/2) 2015-04-17. 7.I Background F Producer - Consumer process :  Compiler, Assembler, Loader, · · · · · · F Bounded buffer.

Ch. 7 Process Synchronization (1/2) I Background F Producer - Consumer process :  Compiler, Assembler, Loader, · · · · · · F Bounded buffer.
Chapter 6: Process Synchronization

Chapter 6: Process Synchronization
Background Concurrent access to shared data can lead to inconsistencies Maintaining data consistency among cooperating processes is critical What is wrong.

Background Concurrent access to shared data can lead to inconsistencies Maintaining data consistency among cooperating processes is critical What is wrong.
5.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Chapter 5: CPU Scheduling.

5.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Chapter 5: CPU Scheduling.
Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 6: Process Synchronization.

Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 6: Process Synchronization.
1 CENG334 Introduction to Operating Systems Erol Sahin Dept of Computer Eng. Middle East Technical University Ankara, TURKEY URL:

1 CENG334 Introduction to Operating Systems Erol Sahin Dept of Computer Eng. Middle East Technical University Ankara, TURKEY URL:
Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Chapter 5: Process Synchronization.

Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Chapter 5: Process Synchronization.
Process Synchronization. Module 6: Process Synchronization Background The Critical-Section Problem Peterson’s Solution Synchronization Hardware Semaphores.

Process Synchronization. Module 6: Process Synchronization Background The Critical-Section Problem Peterson’s Solution Synchronization Hardware Semaphores.
1 Operating Systems, 122 Practical Session 5, Synchronization 1.

1 Operating Systems, 122 Practical Session 5, Synchronization 1.
Mutual Exclusion.

Mutual Exclusion.
CH7 discussion-review Mahmoud Alhabbash. Q1 What is a Race Condition? How could we prevent that? – Race condition is the situation where several processes.

CH7 discussion-review Mahmoud Alhabbash. Q1 What is a Race Condition? How could we prevent that? – Race condition is the situation where several processes.
Interprocess Communication

Interprocess Communication
Cpr E 308 Spring 2004 Recap for Midterm Introductory Material What belongs in the OS, what doesn’t? Basic Understanding of Hardware, Memory Hierarchy.

Cpr E 308 Spring 2004 Recap for Midterm Introductory Material What belongs in the OS, what doesn’t? Basic Understanding of Hardware, Memory Hierarchy.
Synchronization. Shared Memory Thread Synchronization Threads cooperate in multithreaded environments – User threads and kernel threads – Share resources.

Synchronization. Shared Memory Thread Synchronization Threads cooperate in multithreaded environments – User threads and kernel threads – Share resources.
5.6 Semaphores Semaphores –Software construct that can be used to enforce mutual exclusion –Contains a protected variable Can be accessed only via wait.

5.6 Semaphores Semaphores –Software construct that can be used to enforce mutual exclusion –Contains a protected variable Can be accessed only via wait.
Chapter 6: Process Synchronization. Outline Background Critical-Section Problem Peterson’s Solution Synchronization Hardware Semaphores Classic Problems.

Chapter 6: Process Synchronization. Outline Background Critical-Section Problem Peterson’s Solution Synchronization Hardware Semaphores Classic Problems.

Similar presentations

Ads by Google