Lecture: OS organization

preparation

• read OSPP §2, The Kernel Abstraction
• skim the exokernel paper to get a high-level idea of what you are building in JOS
  • don’t worry if you don’t get the paper now
  • you’ll understand it pretty well by the end of this quarter!

administrivia & exercises

• lab 1 due tomorrow
• exercise 1: what are the values beyond the stack
• exercises from last lecture
  • file descriptors: open/read/write/close/…
  • abstraction for terminals, disk files, pipes, system information
  • how would you implement strace?

$ uptime > file
$ uptime | tr '[a-z]' '[A-Z]'

overview

• goal: isolation & sharing
  • a process should not be able to
    • corrupt the memory of the kernel or another process
    • consume all the CPU time
  • while still being able to communicate with other processes & hardware
    • otherwise, just use a separate machine for each application
• how the OS/hardware/compiler work together
• broader context: web browsers, web servers
  • can tabs (websites) access each other’s data? why not?
  • can JavaScript from a remote website access your local file systems?

process isolation

• real-world example: how do we manage a large building
  • partitioning & virtualization
• memory
  • keys
    • split memory into chunks and assign a “key” to each chunk
    • each process holds one or more keys
    • check (who? when?) if the process has the key to access the memory chunk
    • examples: IBM S/360, Intel’s MPK (Vol 3, §4.6.2, Protection Keys), SFI
    • used Valgrind from CSE 333?
  • virtual memory
    • suppose process A writes some value to a memory address
      • can process B read the value from the same address?
      • can process B overwrite the value in A? why not?
    • naming issue
      • hide physical memory addresses from programs
      • name memory using: <address space, virtual address> instead of
    • isolate two processes
      • need some virtual-to-physical address translation (by what?)
      • use a safe language: e.g., write process in Java (any other example?)
      • virtual machine: e.g., can JOS in QEMU harm your laptop?
      • hardware: MMU (segmentation/paging) - segfaults if violated
    • isolate kernel memory from processes
      • take a look at inc/memlayout.h in JOS
      • can a process write to kernel? who checks?
• time
  • cooperative scheduling
    • each process voluntarily gives back the control (to whom?)
    • what if they don’t
  • virtual CPUs
    • each process thinks it has a dedicated CPU
    • kernel runs processes in turn on physical CPUs: save/store state
      • example: take control back from a process that spins forever
      • clock interrupt & preempt
• many plans to achieve isolation
  • this class focues on isolation through kernel/user split
  • will talk about other techniques in the second half of this quarter (think how Java/QEMU work)