Introduction

From Soma-notes; written up by Roy Hooper
== [[COMP 3000]] Lecture Notes: September 10th, 2007 ==
These notes have not yet been reviewed for correctness.


This lecture covered administrative items and a part of the Introduction.


=== Administrative ===


==== Textbook ====
Dr Somayaji has used the 3rd edition textbook before.  It isn't ideal, but it will suffice.  If you wish to use a different textbook, you're expected to ensure that it covers the topics as covered in class.


== Introduction ==
[[Class Outline#Introduction|Last class]], we began talking about turning the machine we have into the machine we want.


What are some properties of the machine that we want?
* usable / accessible
* stable / reliable
* functional (access to underlying resources)
* efficient
* customizable
* secure
* multitasking
* portable


Examples:
* If you have a computer that doesn't let you access the hardware via an input device (e.g. keyboard, mouse), it isn't very functional.
* For portability, do you really want to have to rewrite applications to support slight variations in the hardware, such as different-sized hard disks and different amounts of RAM?
* Multitasking is slightly different from efficiency. (''needs editing and expanding, very unclear'')


Operating systems don't do all of these perfectly, but they tend to do a lot of these at least acceptably.


==== Exams, Tests, Quizzes, Labs, Assignments ====
There will be no quizzes and no final exam.  There will be 4 labs, 2 tests, and a term paper.  We may collaborate on the labs, but not on the tests and term paper.


<math>\tfrac{1}{2}</math> to <math>\tfrac{2}{3}</math> of a test is designed to be easy, with the remainder being more difficult.


==== Term Paper ====
Choice of topic for the term paper is fairly flexible. Take what you know in other areas of computer science and integrate it into the paper. Include your own interests.  The most common mistake seen is to pick an exact paper topic first and then do research to fulfill it.  Do the research first, then come up with a topic, as the thing you want to write on may not have been written about yet.


For bibliographies, use the form found in most papers and journals.  BibTeX is great for bibliographies.


If you look at the introduction to the textbook, it talks about various types of operating systems.  Some of the operating systems we know about are: Linux, Windows, Mac OS X, VxWorks, QNX, MS-DOS, Solaris/xBSD, OS/2, BeOS, VMS, MVS, OS/370, AIX, etc.


Linux isn't a variety of different operating systems to the same degree as the different versions of Windows, as most Linux systems share some components, whereas Windows versions tend not to.


Of the list above, most are modern operating systems.  To be a "modern" OS, there are two major qualities: Does it have protected memory, and does it have pre-emptive multitasking?  (MS-DOS wouldn't qualify because it isn't a modern OS.)


Google Scholar is a great place to start looking for papers.  Many journals are only accessible by subscription; however, the [http://library.carleton.ca Carleton University Library] provides access to students both on-site and off.  You will need your student ID in order to authenticate from off-site.  While on-site, you should be able to access the journals without authentication.


A useful trick is to take the URL of a journal article and append ''proxy.library.com'' to the domain name portion of the URL.


==== Extra Credit ====
Dr Somayaji would like to build a class notes wiki.  You can get up to 3 percent added to your final mark if you participate and do an outstanding job.  Lower-quality jobs will result in less extra credit.  You will be able to volunteer once during the term.


=== Protected Memory ===


What is protected memory?


Student: A situation where each program and the operating system has its own memory, and the OS prevents other programs from writing to another program's memory.


Dr. Somayaji: Access mechanisms to avoid having one program overwrite another program's memory.


This lets you have a situation where if one program crashes, you can just restart it.  Damage due to memory overwrites is limited to one program.


==== Labs ====
You are expected to attend the first lab session for each lab assignment, as there will be marks given for work done in class. This is sort of a way to take attendance, as well as to help students get started with assignments. This means there are 4 mandatory tutorials. Students are encouraged to attend all of the labs. Labs will take longer than one lab period. Don't be discouraged by students who manage to finish labs in one hour, as they may have experience with operating systems already, or may have taken the course before.


==== Term Papers ====
You may talk to each other about papers to get feedback, but each paper is supposed to be your own work.


=== Preemptive Multi-tasking ===


Preemptive multitasking is a way to have more than one program run at a time. Older machines were known as batch machines and their operating systems were batch operating systems. These machines ran tasks that took a long time to finish execution, so the tasks were placed in a queue and run one at a time in sequence. These were typically such things as payroll and accounts receivable for large businesses. Usually these would be left to run overnight, and the results would be output either on magnetic tape or a stack of printouts, which would be returned to the user in the morning.


What is the difference between preemptive multitasking and cooperative multitasking?
* Preemptive multitasking: the OS enforces time sharing.
* Co-operative multitasking: each program lets the others run.


Plagiarism is a big deal, and some students of COMP 3000 have been caught plagiarizing in the past. '''Do not plagiarize.''' The official policy requires handing over the plagiarized paper and student to the dean for discipline.


You can't just cut and paste. If a section in another person's work is fundamentally the same as yours, this is still plagiarism. The paper is supposed to be your own work. Figures cannot just be cut and pasted: you must redraw them yourself, then cite the original. Using a thesaurus to rephrase every word will not work.  The result is still fundamentally someone else's work.


This issue carries over into the commercial world, even in code: free code may not be free -- read the licenses. Incorporating some 3rd-party code may require your company to divulge all of their code into the wild.


Watch out for incorporating something and only tweaking it.


You should read your sources, put them away, and then pull them back out to put the citations in.  This should help you avoid plagiarizing, unless you have a photographic memory.


Examples:
* If you look at MS-DOS, there are batch files.  These are just a sequence of commands to run. It runs them and then returns when done. (cooperative)
* If you want to run a GUI, however, a batch system is unlikely to be what you want, as a GUI environment tends to be interactive. (preemptive)


With the big iron in the old days, they had big computers that would sit mostly idle, except when running the batch jobs.  The idea of time sharing came along around then.


=== Structure of a computer ===


[[Image:Stored_program_architecture_1.png]]
Stored program architecture


The stored program architecture with today's computers is a bit of a fiction.


==== Lectures ====


Question from the floor:  How do you structure the lectures?


Dr Somayaji tries to keep the tests to the material in the text. The lectures will vary, and he considers them to be a performance. Skipping class will result in some interesting material getting missed, but you should do acceptably by reading the text and doing the assignments.  The goal of the lectures, however, is to make it worth your time to attend.


One of the things that universities are struggling with, especially in the computer science field, is why we are still requiring students to attend in person. Part of the answer is that lectures and other interactions with professors and TAs encourage a different kind of learning due to physical presence.  There is a different type of energy, a different type of synergy.  Being able to see the reactions of students helps to fine-tune the lecture.


The things the microprocessor does are significantly faster than the RAM storage.  Modern computers have to wait for data from RAM. However, this time is dwarfed by the time spent waiting for I/O.  This is because I/O devices tend to be mechanical: printers, hard disks, people at keyboards.


This helped cause the idea "what if we had multiple users and let them share the CPU" to come about. This is time-sharing. On modern computers, we do this too, but instead of sharing with multiple users we run multiple programs for a single user -- multi-tasking.


In older systems such as Win3.1 and MacOS 9, this was co-operative multi-tasking. When things started running, they'd hog the CPU until they decided they were ready to give it up.


There used to be a great feature in the Mac in the old days where if you held down the mouse button, no networking would happen. This was because the program running at the time was hogging the CPU while the mouse button was pressed. In pre-emptive multitasking, you get booted out periodically so that the system can spend time paying attention to the network, doing animations, or letting other applications run.  It spends a millisecond here, a millisecond there, etc.  Instead of actually running simultaneously, programs run periodically, but they seem to run simultaneously to the end-user.


Sometimes you have 2 or more CPUs, but you have more than 2 things going on...


=== Processes and the Kernel ===


Processes are fundamentally the things that get multitasked and protected. A process is the abstraction of a running program. This is what makes an operating system modern. In the old days, you had one memory space, and the OS and its applications all shared the CPU and memory. Now, with a process model, there are barriers all over the place and, more importantly, something/someone in charge governing the processes. It's not a free-for-all: it has a dictator, and its name is the kernel.


Kernel, as in the centerpiece.


Question to class: How many people have heard of the term microkernel? Not many hands.


==== Optional Reading ====


Over Thanksgiving, students are encouraged to read [http://web.mac.com/nealstephenson/Neal_Stephensons_Site/Home.html Neal Stephenson]'s article [http://www.cryptonomicon.com/beginning.html In the Beginning was the Command Line]. While he's not entirely correct that UNIX is the one true computer science operating system, it is almost true. UNIX wasn't built to fulfill a commercial niche. It was built for programmers by programmers. It has survived because it has been useful to programmers.


One of the first things that tends to happen to most new operating systems or platforms is that some part of unix or some variant of unix is ported to it (such as [http://www.netbsd.org/ NetBSD] or [http://www.linux.org/ Linux]). Additionally, things like [http://www.cygwin.com/ Cygwin] will pop up to allow you to port applications and programs over. Cygwin works fairly well, but not perfectly.  This is like a handyman going to a new job: he's going to bring some of his favorite tools with him to use at the new job.  You bring along your favorite tools because you're familiar with them and can do powerful things with them.


While we mostly hear about unix in class, we'll still hear about windows some.


=== Introduction ===


What is an operating system?


Student: A large piece of software that interfaces with the machine's hardware to allow a user to interact with the computer to perform actions.


Dr Somayaji doesn't like the size qualifier.


The operating system turns the hardware (the computer that you have) into the computer that you want (the applications).


There are various terms that modify the term kernel, such as monolithic kernel, microkernel, picokernel, etc. These specify how much stuff is in the kernel. The idea is that the more code is in the kernel, the faster it goes; conversely, the more code there is, the higher the risk of crashing.


All of the problem code goes into processes, as processes can be restarted, and is kept out of the kernel.


The debate about which is faster is not fully settled, for technical and philosophical reasons. Almost all operating systems on the list above are big kernels, not small ones.


So if that's what a kernel is, how does a program fit into that? If there's one program to rule them all, where do processes fit in? The kernel decides who gets to run; it implements a priority scheme.


Student: "It got there first.  You start the computer, then the kernel gets in.  Everything has to talk to it or it doesn't run..."
 
It gets to set the rules... that's sort of it... 
In unix, there's the idea of the init process.  It is first to run, and has
special responsibilities.  It is run using a regular binary, at system boot,
by the kernel.  This still doesn't tell us how the kernel keeps control of it.
 
The kernel often keeps control by getting the hardware to help.  By loading first, the kernel can set up the CPU and memory so that it has control. This type of hardware assistance is generally available to the first code to request it.
 
=== Interrupts ===
 
Interrupts -- what are they?  It's an alert to say something has to be done now.
 
A CPU runs programs until something happens, like someone pressing a key or a network packet arriving.  So an I/O device flags an interrupt, and the CPU now has to stop and pay attention.
 
An interrupt is just a mechanism to allow the CPU to change contexts, to switch from running one bit of code to another.  There's a standard set of interrupts defined by the hardware, and associated with each interrupt there's a bit of code: when one interrupt happens, run its code; when another happens, run another.  For example, for the keyboard there's a routine that reads a key from the keyboard, stores it in a buffer so it's not overwritten when the next key is pressed, and then returns.


{|align="right"
|[[Image:Comp3000_lecture1_figure1.png]]
|}
Ideally an application should not depend on specific hardware, but rather on generic things -- not a specific brand of mouse, but any mouse, by abstraction.


{|align="right"
|[[Image:Stored_program_architecture_2.png]]
|}
Think of an interrupt as a little kid pulling at your pant leg.  It wants your attention now.


The OS controls interrupts to control the CPU (and also what happens with RAM).
 
Wait a second: if the kernel only controls interrupts, how can it keep general control when no interrupts happen?  The clock I/O device!  It throws interrupts too.
 
As a part of the boot sequence, the kernel programs the clock to wake the
operating system up every, say, 100th of a second.  Call me!  So the OS can
then keep running and perform its tasks as it needs:
"Is everyone behaving nicely?  Do I need to kill anyone?"
 
=== Virtual Memory ===
 
A slight fly in the ointment: If you are a program, and want to take control,
how do you mount a rebellion?  You overwrite the interrupt table! This is
where protected memory comes in.  It prevents a regular program from doing this.
As a regular process, you often can't even see the interrupt table.
 
How is that possible? Many schemes have been proposed for doing protected
memory.  Some variants will be spoken about, but the most widespread method
is something known as virtual memory.  Often tied into the concept of
virtual memory is the ability to use disk for memory too.
 
The fundamental idea is that the address you think your instruction or variable is at in memory is fictional/virtual.  Say you want to load from address 2000 into a register, and another program wants to do the same thing: are they doing the same thing?  Nope!  They have nothing to do with each other in a virtual memory model.  Both programs live in their own virtual worlds, and can't see each other.  The kernel, with the help of a little piece of hardware called the MMU, is able to give each process its own virtual view of memory.  It decides how that's going to map to real memory as it sees fit.
 
So the kernel controls interrupts to control IO and it controls memory.
These are the two key controls.  If a kernel can't control these, it
can't properly provide protections ("It can't stop the rebellion").
 
Last class we talked about hypervisors.  The whole idea there is that the interrupt table and the MMU the kernel thinks it controls are actually virtual ones, provided by the hypervisor.


So you can now run Windows inside a window on Linux, OS X, etc.


This is an interesting time to talk about operating systems, as this model of operating system is becoming more and more obsolete. Part of this is that more and more big applications are becoming part of the operating system (e.g. browsers). Even the protection and privilege-level separation is becoming blurred. For example, Internet Explorer's HTML rendering engine is an object that can be used by many other applications, making it an operating system service. This has resulted in lawsuits surrounding what an operating system is. Dr. Somayaji tends to take the larger view, rather than the more specific view that only the layer that talks to the hardware is the operating system.


What's newer, even if the idea is old, is something that has become really hot in the last 5 years (but has been around for 10): virtualization. VMware is now worth many billions of dollars. XenSource got bought by Citrix.


How many people like to install Windows?  (Nobody raised their hand.)


The reason this is important is that it's a huge pain to install operating systems. So system administrators turn the OS into an application: they take copies of a new image and, to upgrade, simply replace the old OS image with the new one.


The difference between the various versions of Windows:
* Windows 95 and Windows 98 implemented these ideas for some programs, but not all, and programs could get around them easily.
* Windows 3.1 didn't have these.
* Windows XP and Vista are modern.


There's one small problem with Vista and XP, however.  This has to do with the nature of the processes:


{|align="right"
|[[Image:Processes_and_kernel.png]]
|}
To upgrade things, the kernel trusts some programs/users to allow them to upgrade.  In Windows, you tend to run as an admin user.  This means you're running as the equivalent of the unix root user.  The kernel listens to you and does just about anything you want, including installing programs.

Take that cute Christmas animation, which happens to install a keylogger to send all your keystrokes to the other side of the world, so they can log into your bank account.


OS <math>\leftrightarrow</math> Application interface: the system calls.


{|align="right"
|[[Image:Comp3000_lecture1_figure2.png]]
|}
OS <math>\leftrightarrow</math> Hypervisor interface: the hypervisor provides virtual hardware to the OS (e.g. here's an abstract disk, keyboard, network). This abstraction is mapped onto real hardware as the hypervisor sees fit.


Having software provide virtual hardware requires a few tricks, as some instructions on a processor go straight to the hardware, making virtualization hard.  Fortunately, Intel and AMD have provided extensions to help with this (VT-x).


The main point to keep in mind here is that operating systems have traditionally provided imaginary or virtual things for applications to play with. Such as: "Oh, you want memory? I'll give you memory."  But what it gives you may not correspond to real memory at all. Say you asked for a megabyte of memory: it may not actually give it to you at that time, but only when you use it.  The same goes for CPUs and the hypervisor: it may not give you a real CPU at that time.


In unix, there's the concept of root users and non-root users.  Root can ask for almost anything to be done, including changing the kernel's code.  If you can tell the kernel to load new code, you can pretty much do anything. As an unprivileged user, the kernel/OS says no.


When people make fun of Windows being insecure, it's not a fundamental flaw with the design of Windows -- it's a little broken, overly complex in some ways -- but certain design choices were made along the way in the name of usability, such as running as admin users so that users don't need to do something special to change settings, install software, upgrade, etc.  This is why we have the current spyware problem.


Vista changes this slightly with UAC (User Account Control), which runs a regular user with full privileges but asks you whenever privileged operations need doing -- Yes/No.  And you just click on it.  But users still click yes.


And now there are easy ways to turn off UAC completely.  We'll talk about this more later when we talk about security.


The other big trend going on that makes things interesting has to do with gaming systems.  Game manufacturers want to write their games for all of the platforms...  The hardware, however, is remarkably different.  Modern PCs are moving towards 2-4 cores plus graphics processors.  Managing multiple CPUs is a bit tricky, but we know how to do it.  The hard part comes in with the graphics processors and non-traditional processors, such as the Cell processor: the Cell processor has 9 cores, but each core is specialized and not symmetric.  They're not all general purpose.


{|align="right"
|[[Image:Comp3000_lecture1_cell_processor.png]]
|}
A standard Cell processor has 8 SPUs and a central core, but one can be bad.  The PS3 has 7 SPUs plus the central CPU, which is a standard PPC (PowerPC) core.  The SPUs implement SIMD: this takes one instruction and applies it to multiple data items, so it can do the operation on an entire array at once.  Processing graphics and sound requires processing big arrays.  This is what graphics cards do to a large extent.  This means they're not good for general-purpose code; there's no decision-making capability (branching).


=== System Calls ===


How do you talk to a kernel?


It's the dictator and you're a supplicant. How do you make a timely request to the kernel to ask it to please do something?  System calls!
 
A system call is a standard mechanism for an application to talk to a kernel.
 
A system call is NOT a function call.  In your APIs and the like, it may look like a function call, and may be wrapped in one, but in implementation they are very different.
 
In order for the kernel to be in control, it has to run with special privileges and not give these to user programs. There are various schemes, but the common one is a 1-bit option: user mode or supervisor mode. User mode means that, running as a regular program, you can't talk to the I/O/interrupt vectors or to the MMU, but you can run instructions and access your own memory. When you switch to supervisor mode, everything is accessible. The kernel runs in supervisor mode.
 
So if you're cut off and can't see the kernel, how do you send it a message? You might be able to write to a special place in memory that the kernel checks periodically, but how do you get it to check now?  Normally the kernel is invoked by interrupts. So, as a user program, to invoke the kernel you raise an interrupt.  There are special instructions, software interrupts, that are like a hardware interrupt except that software initiates them.  There are interrupt tables just like for hardware.
 
So the kernel can then look at the memory of the invoking user program when a
user program calls the system call. Remember, because of the memory
protections, you can't just jump into kernel code, so the only way in is via an
interrupt.


Therefore, system calls cause interrupts to invoke the kernel.


In the process of doing a system call, the system has to do a lot of "paperwork" to change context.  System calls are expensive, very expensive.  This is one of the things that tends to bound the performance of an operating system.


; SISD : Single Instruction, Single Data.  Plain vanilla processors.
; SIMD : Single Instruction, Multiple Data.
; MIMD : Multiple Instructions, Multiple Data.


How do you use these? How do you co-ordinate these processors? How do you abstract this division between CPU and GPU?


The Xbox 360 is closer to a PC in that it has multiple CPUs and a GPU.  Developing for the PS3 versus the Xbox is thus very different.


Hardware is becoming more and more parallel, but also more and more dedicated-purpose.


Modern CPUs are so fast -- shouldn't they be able to switch really fast?  It turns out the tricks used to make modern CPUs really fast are like those used to make muscle cars: they tend to go really fast in a straight line, but when you want to turn, you have to slow down to nearly a stop.  Modern CPUs are like that.


Interrupts cause all the partial work done in parallel by modern CPUs -- 10-20 or more instructions -- to be thrown out.  The CPU has to refill its pipelines and resume.  This happens at a level below the one the kernel runs at.  The kernel saves its registers before switching context, so that it can resume later.

Latest revision as of 21:10, 21 October 2007

These notes have not yet been reviewed for correctness.

Introduction

Last class, we began talking about turning the machine we have into the machine we want.

What are some properties of the machine that we want?

    - usable / accessible
    - stable / reliable
    - functional (access to underlying resources)
    - efficient
    - customizable
    - secure
    - multitasking
    - portable

Examples:

    - If you have a computer that doesn't let you access the hardware via an input device (eg: keyboard, mouse, etc..), it isn't very functional.
    - For portability, do you really want to have to rewrite applications to support slight variations in the hardware such as different size hard disks and different amounts of RAM?
    - Multitasking is slightly different than efficiency. (needs editing and expanding, very unclear)


Operating systems don't do all of these perfectly, but they tend to do a lot of these at least acceptably.

If you look at the introduction to the text book, it talks about various types of operating systems. Some of the operating systems we know about are: Linux, Windows, MacOSX, VXWorks, QNX, MS-DOS, Soliaris/xBSD, OS/2, BeOS, VMS, MVS, OS/370, AIX, etc.

Linux isn't a variety of different operating systems to the same degree as the different versions of windows, as most linuxs' share some components, where as windows tends not to.

Of the list above, most of them are modern operating systems. To be a "modern" OS, there are two major qualities: Does it have protected memory, and does it have pre-emptive multitasking? (MS-DOS wouldn't apply to this list because it doesn't constitute as a modern OS.)

Protected Memory

What is protected memory?

Student: A situation where each program and the operating system has its own memory, and the OS prevents other programs from writing to another program's memory.

Dr. Somayaji: Access mechanisms to avoid having one program overwrite another program's memory.

This lets you have a situation where if one program crashes, you can just restart it. Damage due to memory overwrites is limited to one program.

Preemptive Multi-tasking

Preemptive Multitasking is a way to have more than one program run at a time. Older machines were known as batch machines and their operating systems were batch operating systems. These machines ran tasks that took a long time to finish execution, so the tasks were placed in a queue and run one at a time in sequence. These were typically things such things as payroll and accounts receivable for large business. Usually these would be left to run overnight and output the result of the tasks either on magnetic tape or a stack of printouts, which would be returned to the user in the morning.

What is the difference between preemptive multitasking and cooperative multitasking?

    - Preemptive multitasking: the OS enforces time sharing.
    - Co-operative multitasking: each program lets others run.

Examples:

    If you look at MS-DOS, there are batch files. These are just a sequence of commands to run. It runs them and then returns when done. (cooperative)
    If you want to run a GUI, however, a batch system is unlikely to be what you want, as a GUI environment tends to be interactive. (preemptive)

With the big iron in the old days they had big computers that would be sitting mostly idle, except when running the batch jobs. The idea of time sharing came along around then.

Structure of a computer

Stored Program architecture

The stored program architecture with today's computers is a bit of a fiction.

The things the microprocessor does are significantly faster than the RAM storage. Modern computers have to wait for data from RAM. However this time is dwarfed by the time spent waiting for I/O. This is because I/O devices tend to be mechanical: printers, hard disks, people at keyboards.

This helped cause the idea "what if we had multiple users and let them share the CPU" to come about. This is time-sharing. On modern computers, we do this too, but instead of sharing with multiple users we run multiple programs for a single user -- multi-tasking.

In older systems such as Win3.1 and MacOS 9, this was co-operative multi-tasking. When things started running, they'd hog the CPU until they decided they were ready to give up the CPU.

There used to be a great feature in the Mac in the old days where if you held down the mouse button, no networking would happen. This was because the program running at the time was hogging the CPU when the mouse button was pressed. In pre-emptive multitasking, you get booted out periodically so that the system can spend time paying attention to the network, to do animations, or to let other applications run. It spends a millisecond here, a millisecond there, etc. Instead of actually running simultaneously, they're periodically running, but they seem to run simultaneously to the end-user.

Sometimes you have 2 or more CPUs, but you have more than 2 things going on...

Processes and the Kernel

Processes are fundamentally the things that get multitasked and protected. It is the abstraction of a running program. This is what makes an operating system modern. In the old days, you had one memory space and the OS and its applications were all sharing the CPU and memory. Now, with a process model, there are barriers all over the place, and more importantly, something/someone in charge governing the process. It's not a free-for all, it has a dictator, and its name is the kernel.

Kernel as in the center piece.

Question to class: How many people have heard of the term Microkernel? Not many hands.

There are various terms that modify the term kernel such as monolithic kernel, microkernel, picokernel, etc. These specify how much stuff is in the microkernel. The idea is that the more code is in the kernel, the faster it goes, but conversely, that the more code there is the risk of crashing is higher.

All of the problem code goes into processes, as they can be restarted, and kept out of the kernel.

The debate about what is faster is not fully settled for technical and philosophical reasons. Almost all operating systems on the list above are big kernels, not small ones.

So if that's what a kernel is, how does a program fit into that? If there's one program to rule them all, where do processes fit in? The kernel decides who gets to run, that implements a priority scheme.

Student: "It got there first. You start the computer, then the kernel gets in. Everything has to talk to it or it doesn't run..."

It gets to set the rules... that's sort of it. In Unix, there's the idea of the init process. It is the first process to run, and it has special responsibilities. It is run from a regular binary, at system boot, by the kernel. This still doesn't tell us how the kernel keeps control.

The kernel often keeps control by getting the hardware to help. By loading first, the kernel can set up the CPU and memory so that it stays in control. This type of hardware assistance is generally available to the first code to request it.

=== Interrupts ===

Interrupts -- what are they? It's an alert to say something has to be done now.

A CPU runs programs until something happens, like someone pressing a key or a network packet arriving. The I/O device raises an interrupt, and the CPU has to stop and pay attention.

An interrupt is just a mechanism to allow the CPU to change contexts, to switch from running one bit of code to another. There's a standard set of interrupts defined by the hardware, and associated with each interrupt there's a bit of code. When one interrupt happens, its code runs; when another happens, different code runs. For example, for the keyboard there's a routine that reads a key from the keyboard, stores it in a buffer so it's not overwritten when the next key is pressed, and then returns.

Think of an interrupt as a little kid pulling at your pant leg. It wants your attention now.
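A rough sketch of the interrupt table idea. The interrupt numbers and handler names here are invented for illustration; a real table lives in hardware-defined memory and holds addresses of machine code, not Python functions.

```python
# Toy interrupt table: a mapping from interrupt number to handler code.
# KEYBOARD_IRQ and CLOCK_IRQ are made-up numbers for this sketch.
KEYBOARD_IRQ, CLOCK_IRQ = 1, 0

buffer = []                      # where keystrokes are saved

def keyboard_handler(key):
    buffer.append(key)           # store the key so it isn't lost

def clock_handler(_):
    pass                         # the scheduler would run here

interrupt_table = {KEYBOARD_IRQ: keyboard_handler,
                   CLOCK_IRQ: clock_handler}

def raise_interrupt(number, data=None):
    # The CPU stops what it's doing and runs the associated code.
    interrupt_table[number](data)

raise_interrupt(KEYBOARD_IRQ, "a")
raise_interrupt(KEYBOARD_IRQ, "b")
print(buffer)  # → ['a', 'b']
```

The rebellion described later in these notes amounts to replacing entries in <code>interrupt_table</code>, which is exactly what protected memory exists to prevent.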

The OS controls interrupts to control the CPU (and also what happens with RAM).

Wait a second: if the kernel only regains control through interrupts, how can it keep control if no interrupts happen? The clock I/O device! It throws interrupts too.

As a part of the boot sequence, the kernel programs the clock to wake the operating system up every, say, 100th of a second. Call me! So the OS can then keep running and perform its tasks as it needs: "Is everyone behaving nicely? Do I need to kill anyone?"
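You can see the same pattern from user space on Unix: a process can ask the kernel for a periodic timer, much as the kernel programs the hardware clock at boot. A small, Unix-only sketch using Python's <code>signal</code> module (the exact tick count depends on system load):

```python
# Ask for a "call me every 10 ms" timer, do some ordinary work,
# and count how many times the clock interrupted us. Unix-only.
import signal
import time

ticks = 0

def on_tick(signum, frame):
    global ticks
    ticks += 1                   # our chance to "check on everyone"

signal.signal(signal.SIGALRM, on_tick)            # install the handler
signal.setitimer(signal.ITIMER_REAL, 0.01, 0.01)  # fire every 10 ms

time.sleep(0.2)                  # ordinary work; the clock keeps interrupting
signal.setitimer(signal.ITIMER_REAL, 0)           # disarm the timer

print(ticks)                     # around 20 here if nothing delays the handler
```

This is the user-space analogue only; the kernel itself gets its ticks straight from the clock hardware, not from another kernel.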

=== Virtual Memory ===

A slight fly in the ointment: if you are a program and want to take control, how do you mount a rebellion? You overwrite the interrupt table! This is where protected memory comes in: it prevents a regular program from doing this. As a regular process, you often can't even see the interrupt table.

How is that possible? Many schemes have been proposed for protected memory, and we'll talk about some variants, but the most widespread method is known as virtual memory. Often tied into the concept of virtual memory is the ability to use disk as memory too.

The fundamental idea is that the address you think your instruction or variable is at in memory is fictional, virtual. Say you want to load from address 2000 into a register, and another program wants to do the same thing. Are they doing the same thing? Nope! In a virtual memory model they have nothing to do with each other. Both programs live in their own virtual worlds and can't see each other. The kernel, with the help of a little piece of hardware called the MMU, is able to give each process its own virtual view of memory. The kernel decides how that view maps onto real memory.
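A toy model of the translation the MMU performs. The page size, page-table contents, and process names here are all invented for illustration; the point is just that the same virtual address 2000 lands in different physical locations for different processes.

```python
# Toy MMU: each process has a page table mapping virtual pages to
# physical frames. All numbers here are made up for the sketch.
PAGE_SIZE = 1024
physical_memory = {}

page_tables = {                  # virtual page -> physical frame
    "proc_a": {0: 5, 1: 9},
    "proc_b": {0: 2, 1: 7},
}

def translate(proc, vaddr):
    page, offset = divmod(vaddr, PAGE_SIZE)
    frame = page_tables[proc][page]      # the MMU's lookup
    return frame * PAGE_SIZE + offset

def store(proc, vaddr, value):
    physical_memory[translate(proc, vaddr)] = value

def load(proc, vaddr):
    return physical_memory[translate(proc, vaddr)]

store("proc_a", 2000, "A's data")
store("proc_b", 2000, "B's data")
print(load("proc_a", 2000))  # → A's data  (untouched by proc_b's store)
```

Each process sees only its own virtual world; only the kernel, which writes the page tables, knows where anything really lives.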

So the kernel controls interrupts to control I/O, and it controls memory. These are the two key controls. If a kernel can't control these, it can't properly provide protections ("It can't stop the rebellion").

Last class we talked about hypervisors. The whole idea there is that the interrupt table and the MMU the kernel thinks it controls are actually virtual ones, provided by the hypervisor.

So you can now run Windows inside a window on Linux, OS X, etc.


The difference between the various versions of Windows:

- Windows 3.1 didn't have these protections.
- Windows 95 and Windows 98 implemented these ideas for some programs, but not all, and programs could get around them easily.
- Windows XP and Vista are modern in this respect.

There's one small problem with XP and Vista, however. This has to do with how processes are run:

To allow upgrades, the kernel trusts certain programs and users. In Windows, you tend to run as an administrator user, which means you're running as the equivalent of the Unix root account. The kernel listens to you and does just about anything you ask, including installing programs.

Take that cute Christmas animation... which happens to install a keylogger that sends all your keystrokes to the other side of the world so somebody can log into your bank account.

In Unix, there's the concept of root and non-root users. Root can ask for almost anything to be done, including loading new kernel code, and if you can tell the kernel to load new code, you can do pretty much anything. When an unprivileged user asks, the kernel/OS says no.

When people make fun of Windows being insecure, it's not that there's a fundamental flaw in the design of Windows (it is a little broken and overly complex in some ways). The real problem is certain design choices made along the way in the name of usability, such as running users as administrators so they don't need to do anything special to change settings, install software, or upgrade. This is why we have the current spyware problem.

Vista changes this slightly with UAC (User Account Control), which runs you as a regular user with full privileges available, but asks you, Yes/No, whenever a privileged operation needs doing. And you just click on it. But users still click Yes.

And now there are easy ways to turn off UAC completely. We'll talk about this more later when we cover security.

=== System Calls ===

How do you talk to a kernel?

It's the dictator and you're a supplicant. How do you make a timely request to the kernel to ask it to please do something? System calls!

A system call is a standard mechanism for an application to talk to a kernel.

A system call is NOT a function call. In your APIs and the like, it may look like a function call, and it may be wrapped in one, but the implementation is very different.

In order for the kernel to be in control, it has to run with special privileges and not give these to user programs. There are various schemes, but the common one is a 1-bit option: user mode or supervisor mode. In user mode, running as a regular program, you can't touch the I/O devices, the interrupt vectors, or the MMU, but you can run instructions and access your own memory. When you switch to supervisor mode, everything is accessible. The kernel runs in supervisor mode.

So if you're cut off and can't see the kernel, how do you send it a message? You might be able to write to a special place in memory that the kernel checks periodically, but how do you get it to check now? Normally the kernel is invoked by interrupts, so as a user program, to invoke the kernel, you raise an interrupt. There are special instructions, software interrupts, that behave like hardware interrupts but are initiated by software. They have interrupt table entries just like hardware interrupts do.

When a user program makes a system call, the kernel can then look at the memory of the invoking program. Remember, because of the memory protections you can't just jump into kernel code, so the only way in is via an interrupt.

Therefore, system calls cause interrupts to invoke the kernel.
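The whole path can be caricatured like this. The syscall number, the mode flag, and the handler below are all invented for the sketch; on real hardware the mode bit lives in the CPU, and the trap instruction itself is what flips it.

```python
# Toy trap mechanism: the only way from user mode into the kernel is a
# software interrupt. SYS_WRITE and the handler are made-up names.
mode = "user"
SYS_WRITE = 4                    # hypothetical syscall number

def kernel_write(args):
    return f"kernel wrote {args!r}"      # stand-in for real kernel work

syscall_table = {SYS_WRITE: kernel_write}

def trap(number, args):
    global mode
    mode = "supervisor"          # hardware flips the mode bit on the trap
    result = syscall_table[number](args)  # kernel dispatches the request
    mode = "user"                # mode drops back on return to the program
    return result

# From the program's side this looks like a function call, but every
# request goes through the trap:
print(trap(SYS_WRITE, "hello"))  # → kernel wrote 'hello'
```

Note that the user code never jumps into <code>kernel_write</code> directly; it only names a syscall number, and the table, which only the "kernel" controls, decides what runs.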

In the process of doing a system call, the system has to do a lot of 'paperwork' to change context. System calls are expensive, very expensive. This is one of the things that tends to bound the performance of an operating system.
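One rough way to feel that cost: time a thin syscall wrapper like <code>os.getpid()</code> against a plain Python function. The exact numbers vary by machine, and Python's own call overhead muddies the comparison, so treat this as a demonstration of how to measure rather than a definitive benchmark.

```python
# Compare a syscall wrapper against a pure-Python function.
import os
import timeit

def plain_function():
    return 42                    # no kernel involvement at all

# os.getpid() wraps the getpid system call, one of the cheapest there is.
syscall_time = timeit.timeit(os.getpid, number=100_000)
plain_time = timeit.timeit(plain_function, number=100_000)

print(f"syscall wrapper: {syscall_time:.4f}s, plain call: {plain_time:.4f}s")
```

Heavier system calls (file I/O, process creation) cost far more than getpid, which is why chatty programs that make a syscall per byte are slow.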

Modern CPUs are so fast, shouldn't they be able to switch really fast? It turns out the tricks used to make modern CPUs fast are like those used to make muscle cars: they go really fast in a straight line, but when you want to turn, you have to slow down to nearly a stop.

An interrupt causes all the partial work a modern CPU is doing in parallel, often 10-20 or more instructions, to be thrown out; the CPU then has to refill its pipelines and resume. This happens at a level below the one the kernel runs at. The kernel also saves its registers before switching context, so that it can resume later.