Presentation is loading. Please wait.

Presentation is loading. Please wait.

4P13 Week 1 Talking Points. Kernel Organization Basic kernel facilities: timer and system-clock handling, descriptor management, and process Management.

Published byHannah Price Modified over 9 years ago

Similar presentations

Presentation on theme: "4P13 Week 1 Talking Points. Kernel Organization Basic kernel facilities: timer and system-clock handling, descriptor management, and process Management."— Presentation transcript:

1 4P13 Week 1 Talking Points

2 Kernel Organization Basic kernel facilities: timer and system-clock handling, descriptor management, and process Management Security features: conventional UNIX model, but also sandboxing, virtualization, event auditing, and cryptographic services Memory-management support: paging and swapping Generic system interfaces: the I/O, control, and multiplexing operations performed on Descriptors Filesystems: files, directories, pathname translation, file locking, and I/O buffer management Terminal-handling support: the pseudo-terminal interface and terminal line disciplines Interprocess-communication facilities: sockets Support for network communication: communication protocols and generic network facilities, such as routing

3 Table 2.1

4 Table 2.2

5 Process Management Multi-Tasking Process Context – User level state Address space state Runtime env Kernel state – Scheduling parameters – Resource controls – Id info

6 Process Management Process Identifier (PID) – Used by Kernel and User to reference a process New process (child) is cloned from an existing (parents) process. – fork – Inherits properties of the parent Think extends in OOP. – Implies that the new process will execute in the resource env of the parent. Address space Permissions etc.

7 Fig 2.1 execve – execute new process from a file. – Overlay will get parameters from memory address space of parent. exit – terminates and returns info back to parent. – Implies that if parent exits so must all children – Implies that process priority of parent is inherited by child.

8 Security A self-protecting Trusted Computing Base (TCB) guarantees enough system integrity to implement features such as multiple users and key storage. Strong process isolation using virtual memory ensures that the kernel is protected from user code, and that user processes are protected from one another Identification and instrumentation of security-relevant operations throughout the kernel to implement access control, resource limits, and event auditing A coherent privilege model, internal to the kernel, that allows exceptional operations (such as system administration, device-driver implementations) to occur in a structured way despite being outside the regular access-control model Design abstractions that facilitate future security models, as well as security localization in downstream products; for example, clean separation of policy and mechanism, object-oriented structure (subject to the limitations of C), and a user space capability-system model providing protection, rather than policy, as the primitive for application compartmentalization Cryptographic primitives, such as secure random number generation and a library of encryption and signature functions, that can support many different higher-level operatingsystem features and applications

9 Process Credentials – UID – user id – GID – group id – Passed to processes to allow execution access. – Setuid & Setgid allow processes to run at elevated priveledges. Privilege Model – Up to 200 privilege model Old model consisted of 2 – 0 root – other

10 Jails – Virtualization which limits a group or processes Limited file system Memory Access to system-calls Can provide duplication of file systems into the Jail Mandatory Access Control –MAC – Similar to Windows security policy system – Policies are associated to processes to govern access rights.

11 Cryptography – Kernel has built in Random number generator Sys-call – Unidirectional hashes Memory Mgmt – All processes run in a segmented system Stack, code, heap – Enforces restrictions rwx Each segment is paged to VM – Allows for memory overlays between kernel and processes, for data transfer. – Kernel memory is non-paged Accessed from a dedicated pool – Malloc and free

12 Descriptors – Can be thought of as a file handle or pointer Contains meta info about resource – Security info etc. – 7 types of IO File Pipe – STD out to STD in between processes Fifo – named Pipe, which has file system control Socket – named data stream which can be created between 2 processes, Network capable. PosIX IPC – message queue, shared memory, semaphores Event Queue – queue of events which control several processes. Process descriptors – meta security and control data for a set of processes.

13 Devices Devices must operate dynamically. – Connected and disconnected. – PnP system – Requires OS to load and unload drivers as required. – When a new device is added Kernel must initiate a configuration process.

14 File Systems Anchored as a tree with a root. – chroot can set the current root for a process. – Only executable by superuser priveledge. Processes can be restricted to sub-trees of the file system. – Any process can chdir to traverse the tree. – Root file system can link any device with a file system to it. mount unmount

15 Each directory of the file system can have 3 levels of access. – Owner, Group, Everyone – Each of above set to rwx using chmod – Access control lists further can restrict access to specific users.

16 NFS Network File System. – Required so multiple users can access a common resource. servers – Provides file locking, caching, and access right control.

17 Inter-process Communications 3 types of domains – Local Processes running on the local machine – IPv4 and IPv6 Allows for communications over a network Sockets provide connection streams between processes. – Binding a name to a socket creates a file – Binding an IP creates a network tunnel.

18 The End

Download ppt "4P13 Week 1 Talking Points. Kernel Organization Basic kernel facilities: timer and system-clock handling, descriptor management, and process Management."

Similar presentations

More on Processes Chapter 3. Process image _the physical representation of a process in the OS _an address space consisting of code, data and stack segments.

More on Processes Chapter 3. Process image _the physical representation of a process in the OS _an address space consisting of code, data and stack segments.
EEE 435 Principles of Operating Systems Operating System Concepts (Modern Operating Systems 1.5)

EEE 435 Principles of Operating Systems Operating System Concepts (Modern Operating Systems 1.5)
Chorus and other Microkernels Presented by: Jonathan Tanner and Brian Doyle Articles By: Jon Udell Peter D. Varhol Dick Pountain.

Chorus and other Microkernels Presented by: Jonathan Tanner and Brian Doyle Articles By: Jon Udell Peter D. Varhol Dick Pountain.
Chap 2 System Structures.

Chap 2 System Structures.
Operating-System Structures

Operating-System Structures
1 Case Study 1: UNIX and LINUX Chapter 10 10.1 History of unix 10.2 Overview of unix 10.3 Processes in unix 10.4 Memory management in unix 10.5 Input/output.

1 Case Study 1: UNIX and LINUX Chapter History of unix 10.2 Overview of unix 10.3 Processes in unix 10.4 Memory management in unix 10.5 Input/output.
Page 1 Processes and Threads Chapter 2. Page 2 Processes The Process Model Multiprogramming of four programs Conceptual model of 4 independent, sequential.

Page 1 Processes and Threads Chapter 2. Page 2 Processes The Process Model Multiprogramming of four programs Conceptual model of 4 independent, sequential.
Page 1 Processes and Threads Chapter 2 2.1 Processes 2.2 Threads 2.3 Interprocess communication 2.4 Classical IPC problems 2.5 Scheduling.

Page 1 Processes and Threads Chapter Processes 2.2 Threads 2.3 Interprocess communication 2.4 Classical IPC problems 2.5 Scheduling.
INTRODUCTION OS/2 was initially designed to extend the capabilities of DOS by IBM and Microsoft Corporations. To create a single industry-standard operating.

INTRODUCTION OS/2 was initially designed to extend the capabilities of DOS by IBM and Microsoft Corporations. To create a single industry-standard operating.
Introduction to Kernel

Introduction to Kernel
Home: www.cse.dmu.ac.uk/~pkang Phones OFF Please Unix Kernel Parminder Singh Kang Home: www.cse.dmu.ac.uk/~pkang Email: pkang@dmu.ac.uk.

Home: Phones OFF Please Unix Kernel Parminder Singh Kang Home:
Embedded Real-time Systems The Linux kernel. The Operating System Kernel Resident in memory, privileged mode System calls offer general purpose services.

Embedded Real-time Systems The Linux kernel. The Operating System Kernel Resident in memory, privileged mode System calls offer general purpose services.
CMPT 300: Final Review Chapters 8 – 14. 2 Memory Management: Ch. 8, 9 Address spaces Logical (virtual): generated by the CPU Physical: seen by the memory.

CMPT 300: Final Review Chapters 8 – Memory Management: Ch. 8, 9 Address spaces Logical (virtual): generated by the CPU Physical: seen by the memory.
Process Management. External View of the OS Hardware fork() CreateProcess() CreateThread() close() CloseHandle() sleep() semctl() signal() SetWaitableTimer()

Process Management. External View of the OS Hardware fork() CreateProcess() CreateThread() close() CloseHandle() sleep() semctl() signal() SetWaitableTimer()
1/28/2004CSCI 315 Operating Systems Design1 Operating System Structures & Processes Notice: The slides for this lecture have been largely based on those.

1/28/2004CSCI 315 Operating Systems Design1 Operating System Structures & Processes Notice: The slides for this lecture have been largely based on those.
Process in Unix, Linux and Windows CS-3013 C-term 20081 Processes in Unix, Linux, and Windows CS-3013 Operating Systems (Slides include materials from.

Process in Unix, Linux and Windows CS-3013 C-term Processes in Unix, Linux, and Windows CS-3013 Operating Systems (Slides include materials from.
CS-502 Fall 2006Processes in Unix, Linux, & Windows 1 Processes in Unix, Linux, and Windows CS502 Operating Systems.

CS-502 Fall 2006Processes in Unix, Linux, & Windows 1 Processes in Unix, Linux, and Windows CS502 Operating Systems.
OPERATING SYSTEMS Introduction

OPERATING SYSTEMS Introduction
Unix & Windows Processes 1 CS502 Spring 2006 Unix/Windows Processes.

Unix & Windows Processes 1 CS502 Spring 2006 Unix/Windows Processes.
Os31 Chapter 3 Operating-System Structures. os32 Outlines System Components Operating System Services System Calls System Programs System Structure Virtual.

Os31 Chapter 3 Operating-System Structures. os32 Outlines System Components Operating System Services System Calls System Programs System Structure Virtual.

Similar presentations

Ads by Google