Operating Systems 2020W: Assignment 4

From Soma-notes
Revision as of 22:09, 23 March 2020 by Soma (talk | contribs) (Created page with "Below are questions for Assignment 4. Written answers will not be graded. Instead, related multiple choice questions will be posted on cuLearn by March 31st and will be due...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Below are questions for Assignment 4. Written answers will not be graded. Instead, related multiple choice questions will be posted on cuLearn by March 31st and will be due by 2:30 PM on April 3, 2020.

Tutorial 8 Questions

  1. Can a process change where data and code is stored in virtual memory? What about in physical memory?
  2. If two processes mmap the same library, will that library (necessarily) have the same virtual addresses for both processes? What about the same physical addresses?
  3. What system calls does 3000memview2 use to get physical addresses? Are any of these new (ones we haven't previously seen in class)? Why?
  4. Who has access to /dev/physicalview? How do you know (from the code)?
  5. List all of the page table lookups that get_physical() does in 3000physicalview.c. Why are there so many lookups?
  6. Can you do an ioctl call on regular files? Why or why not?
  7. What are the values of PAGE_SHIFT and PAGE_SIZE? Where are they defined? What do they represent?

Tutorial 9 Questions

  1. Where is FILTER_PID defined? Where is it used?
  2. How could you make 3000shellwatch.py watch for events in any process, not just a specific one? What events would it then report?
  3. Make 3000shellwatch.py monitor all instances of 3000shell by checking a process's comm property. Be sure to remove the PID argument. (Hint: see bashreadline)
  4. What code of 3000shellwatch runs in userspace? What runs in kernel space?
  5. Why does 3000shellwatch require root privileges to run? Give an example of a small change you could make to 3000shellwatch that would give an unprivileged user the ability to see or do something that they normally can't.
  6. How are a uprobe and a uretprobe similar? How are they different?
  7. What is the signals dictionary used for?
  8. As presented in the tutorial, does 3000shellwatch have to use eBPF to achieve its goals? Could it instead have used ptrace? Argue for or against, based on the level of access you've seen gdb and strace have to processes using the ptrace system call.
  9. On line 69 of bpfprogram.c, does sys_exit refer to the exit system call? Explain.