Linux Security Basics (1)

dmswl · September 11, 2025

System Security


1. Linux OS

Linux OS

OS provides interfaces between H/W and Users & Apps

  • Standard utility programs and the standard library (including the library's header files)

Utilities in Linux

  • Shell: command interpreter
  • Commands, Tools

A command is not just a text instruction: it runs as an executable program file, so it can be seen as a piece of software that triggers an action.

Questions

1. What is the difference between normal users and a root user in Linux?

  • Normal user: uses the system with limited privileges only
  • Root user: the user with the highest privileges

2. What’s the difference between su and sudo commands in Linux?

  • su: switch user; a command that switches to another user account
  • sudo: superuser do; runs a single command with temporarily elevated (administrator) privileges

3. What is a kernel in OS?

  • 3-1. What are the functions of the kernel in an OS?
    • Kernel: the core software of the OS; it mediates between the system's hardware and user programs and is responsible for running the whole system, including resource management, process control, memory, and I/O.
  • 3-2. What are the differences between kernel modules and user programs?
    • Kernel modules: software components that run in kernel space
    • User programs: processes that run in user space

4. What’s the difference between user and kernel modes?

  • User mode: the environment in which applications run
  • Kernel mode: the environment in which the OS runs

5. What’s the difference between a system call and a procedure call?

  • System call: a special function call a user program uses to interact with the OS kernel
  • Procedure call: the ordinary way code runs, calling a function inside the program itself

Operating systems: The classical view

  • Because each user program runs as an independent process with its own separate memory space, one program cannot directly access another's memory.
  • Separating the kernel space, where the critical resources live, protects the shared kernel region from untrusted user programs.

Key Concepts

Process

  • An execution of a program, consisting of a virtual address space, one or more threads, and some OS kernel state

Virtual Address Space

  • An execution context for process/threads defining a namespace for executing instructions to address data and code

Kernel

  • The software component that controls the hardware directly, and implements the core privileged OS functions
  • Modern hardware has features that allow the OS kernel to protect itself from untrusted user code
  • Kernel provides the most basic level of control over all of the computer's hardware devices

File


2. User and Kernel Modes

What is kernel?

Kernel is the central component of an OS with complete control over everything in the system

  • Memory-resident
  • The kernel code is loaded into a separate area of memory, which is protected from access by application programs or other

Of the 4 GB of virtual memory, 1 GB is the region reserved for the kernel, which is mapped into physical memory immediately when the system boots. This region is shared by all processes; user programs cannot access it directly, and it is reachable only in system (kernel) mode.

Kernel deals with critical system functions

  • CPU scheduling, context switching, IPC (inter-process communication)
  • Memory management
  • Exception handler(Interrupt handler)

CPU & OS supports dual-mode operation

  • User mode & Kernel mode

Dual-Mode Operation

  • User vs. kernel mode determined by some bit(s) in some processor control register
    • x86 architecture uses lower 2-bits in the CS register
    • 0 = Most privileged(kernel mode) and 3 = Least privileged(user mode)
      • Levels 1 and 2 may also be used, but Linux does not use them
  • Can stop buggy (or malicious) programs from doing bad things
    • Provide hardware support to distinguish between two different modes of operation
      • User Mode: when executing on behalf of a user
      • Kernel Mode: when executing on behalf of the OS
  • Hardware may contain two mode-bits
    • 00 means kernel, 11 means user

User vs. Kernel Mode

  • OSes provide different levels of access to resources
  • Kernel mode is a special mode of the processor for executing trusted code
    • OS has full access to the hardware of the system
      • Certain machine instructions are possible only in kernel mode
      • Certain features/privileges are only allowed to code running in kernel mode
      • Kernel interacts directly with the H/W such as the CPU and memory
    • Loaded to main memory and remains in main memory
  • User mode is where user applications are designed to run to limit what they can do on their own
    • H/W restricts what applications can do

Kernel Mode Privileges

  • Privileged instructions
    • User apps shouldn't be allowed to disable/enable interrupts, change memory mapping, etc.

If user programs could enable and disable interrupts at will, the basic principle that the kernel must always be able to regain control of the system would be broken.

  • Privileged memory or I/O access
    • Processor supports special areas of memory or I/O space that can only be accessed from kernel mode
      • Critical section, Kernel data structure(IVT, page table)
  • Separate stacks and register sets
    • MIPS processors can use "shadow" register sets
      • Used to reduce register load/store overhead in handling interrupts

Process Address Space in Linux

Mode Transition

  • User mode when executing harmless code in user applications
  • Kernel mode(a.k.a system mode, supervisor mode, privileged mode) when executing code in the system kernel
    • Certain machine instructions (privileged instructions) can only be executed in kernel mode
  • Kernel mode can be entered when a system call is invoked or a fault/interrupt occurs

Code running in user mode operates with restrictions, in a protected environment, so that it cannot harm the OS or the system as a whole.
The moment the code makes a system call, the CPU switches immediately from user mode to kernel mode.


3. System calls, Faults, H/W interrupt

System calls

  • There are two ways to use a system call: (1) invoke it directly from code (low level), or (2) call it from inside a library function (high level, a wrapper)
  1. In assembly, or in C against the kernel interface, invoke the system call directly with a syscall or trap instruction.
  2. Typical standard-library functions invoke system calls internally, e.g. printf() → write()
  • Provide the interface between a running program and the OS
    • A system call transfers control into the OS while simultaneously raising the hardware privilege level
      • A system call is a request to the OS to perform some activity
    • Typically written in a high-level language (C or C++)
  • Provide a controlled method for user mode apps to invoke kernel mode code
  • Provide a structured entry point to the OS
    • Often used to allow user apps to request I/O or other services from the OS
      • e.g. ioctl(), mknod(), mount(), fork()
  • Syscalls and traps switch into kernel mode when called

Three general methods are used to pass parameters between a running program and the OS

ssize_t read(int fd, void *buf, size_t count); 

fd: file descriptor

  1. Pass the parameters in registers
  2. Store the parameters in a table in memory, and pass the table's address as a parameter in a register
  3. The program pushes (stores) the parameters onto the stack, and the OS pops them off the stack

x86 Syntax: INT 0x80

  • Arguments placed in EAX or on stack
    • Store the number of the system call to invoke in EAX (a register) or on the stack.

INT is the instruction that raises a software interrupt; it can be invoked with vector numbers other than 0x80 as well. On Linux, INT 0x80 is the agreed-upon entry point for system calls.
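As an added example (not part of the original notes; Linux only), the two call paths above side by side: glibc's syscall() takes the call number and arguments, loads them into registers (method 1) and executes the kernel entry instruction, while read(2) is the ordinary wrapper around the same mechanism. On x86-64 the entry instruction is syscall rather than the 32-bit INT 0x80; the CS check is x86-specific and shows that the trip into ring 0 and back is invisible to user code.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>

/* Privilege level the CPU reports to user code: the low 2 bits of CS
 * (x86 only; -1 elsewhere). Seen from a user program this is always 3. */
int current_privilege_level(void) {
#if defined(__x86_64__) || defined(__i386__)
    unsigned short cs;
    __asm__ volatile("mov %%cs, %0" : "=r"(cs));
    return cs & 3;
#else
    return -1;
#endif
}
/* Push msg through a pipe with SYS_write invoked via syscall(): number and args
 * travel in registers (method 1 above) and glibc issues the kernel entry instruction.
 * Read it back through read(2), the usual wrapper for SYS_read. Returns bytes read or -1. */
ssize_t roundtrip_raw_vs_wrapper(const char *msg, char *out, size_t outlen) {
    int fds[2];
    if (outlen == 0 || pipe(fds) == -1) return -1;
    long w = syscall(SYS_write, fds[1], msg, strlen(msg));
    close(fds[1]);
    ssize_t r = (w < 0) ? -1 : read(fds[0], out, outlen - 1);
    close(fds[0]);
    if (r < 0) return -1;
    out[r] = '\0';
    return r;
}
/* Every argument is validated inside the kernel: a bogus fd is rejected by the
 * system call itself and the wrapper surfaces the kernel's error as errno. */
int errno_for_bad_fd(void) {
    char c;
    errno = 0;
    return read(-1, &c, 1) == -1 ? errno : 0;   /* EBADF */
}

int main(void) {
    char buf[64];
    int before = current_privilege_level();
    ssize_t n = roundtrip_raw_vs_wrapper("hello from user mode", buf, sizeof buf);
    /* The trap into kernel mode and back is invisible here: still ring 3. */
    printf("CPL %d -> %d, read back %zd bytes: \"%s\", bad fd errno %d\n",
           before, current_privilege_level(), n, buf, errno_for_bad_fd());
    return 0;
}
```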

MIPS Syntax: syscall

  • Necessary arguments are defined by the OS and expected to be placed in certain registers

MIPS: a lightweight RISC architecture, compared with CISC-style architectures

Windows system calls are also similar to Unix system calls.

Exception Handling

Exceptions: System call(=trap), Faults, H/W interrupts

  • Invoking a trap can likewise be treated as an exceptional condition (exception).

What causes exceptions?

What does the hardware do when an exception occurs?

  • The exceptional condition is handled by checking several conditions step by step
  1. Save necessary state to be able to restore the process
  2. Call an appropriate "handler" routine to deal with the error/interrupt/syscall
  3. Restore the state and return to the offending application (or kill it if recovery is impossible)
    • If restoring the state fails, kill the process

Save the current state safely, run the appropriate routine, and restore what was saved intact.

OS Service: Error Detection & Handling

  • User program's attempts to execute illegal instructions, or to access forbidden memory areas
    • Generate software interrupts, which are trapped by the interrupt handler
    • e.g. segmentation fault, memory access violation
  • Control is transferred to the OS, which issues an appropriate error message, possibly dumps data to a log file for later analysis, and then terminates the offending program

When a dangerous or forbidden action is attempted, detecting the error, recording the data, and terminating the program keeps the system stable.
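As an added example (not from the original notes; Linux only) of the three handling steps seen from user mode: the CPU traps on a read of a page mapped PROT_NONE (a forbidden memory area) and, on x86, on the privileged cli instruction; the kernel saves the process state and, because a SIGSEGV handler is installed, returns control to the program with the faulting address instead of terminating it. The handler, run_guarded and the probe functions are constructed for this illustration.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf recover_point;
static void *volatile fault_addr;   /* si_addr as reported by the kernel */
static volatile int sink;
/* The kernel hands the fault back to us as SIGSEGV. Returning would re-execute
 * the faulting instruction, so resume at the checkpoint instead (siglongjmp
 * also restores the signal mask that sigsetjmp saved). */
static void on_segv(int sig, siginfo_t *si, void *ctx) {
    (void)sig; (void)ctx;
    fault_addr = si->si_addr;
    siglongjmp(recover_point, 1);
}
/* Run action(arg) with SIGSEGV caught: 0 = completed, -1 = faulted. The default
 * disposition (terminate the offending process) is restored afterwards. */
static int run_guarded(void (*action)(void *), void *arg) {
    struct sigaction sa = {0}, old;
    sa.sa_sigaction = on_segv;
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);
    int rc = 0;
    if (sigsetjmp(recover_point, 1) == 0) action(arg); else rc = -1;
    sigaction(SIGSEGV, &old, NULL);
    return rc;
}
static void read_int(void *p) { sink = *(volatile int *)p; }

/* A PROT_NONE page is a forbidden memory area: the MMU faults and the kernel,
 * finding no permission, signals the offender with the faulting address. */
int forbidden_read_is_caught(void) {
    int legal = 7;                        /* a normal read: no fault, no kernel */
    if (run_guarded(read_int, &legal) != 0) return 0;
    long pg = sysconf(_SC_PAGESIZE);
    void *page = mmap(NULL, pg, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return 0;
    int ok = run_guarded(read_int, page) == -1 && fault_addr == page;
    munmap(page, pg);
    return ok;
}
#if defined(__x86_64__) || defined(__i386__)
/* cli is privileged: from ring 3 the CPU raises #GP, which Linux also reports as SIGSEGV. */
static void try_cli(void *unused) { (void)unused; __asm__ volatile("cli"); }
int privileged_instruction_is_caught(void) { return run_guarded(try_cli, NULL) == -1; }
#endif
```

Without the handler the default disposition applies and the kernel terminates the process, which is the "kill it" branch of step 3.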
