Architectural Support for Operating Systems

Lecture 2 - Week 1 - September 27, 2016

Protection

Protected Instructions

  • A subset of instructions of every CPU is restricted to use only by the OS
  • These are known as protected/privileged instructions.
  • Include:
    • Directly access I/O devices
    • Manipulate memory management state
    • Manipulate protected control registers
    • Halt instruction

OS Protection

OS has (atleast) two modes of operation

  1. Kernel mode
  2. User mode
    • User programs run under this mode

Status bit

These modes are specified as a status bit within a protected control register.

  • Before executing each privileged instruction, the CPU checks this special bit to determine at what privilege the instruction is running at.

Memory Protection

  • Protect programs (including the OS) from one another.
  • Manipulating memory management hardware uses protected (privileged) operations.
  • Done by Virtualizing Memory

Events

  • are an ”unnatural” change in control flow
  • This change triggers the OS to interrupt and stop the current execution to handler the event
  • The kernel defines a handler for each event type
    • these always execute in kernel mode
  • Once the system is booted, all entry to the kernel occurs at the result of an event
    • In effect, the operating system is one big event handler.
    • The OS gains control of the CPU when handling an event.

Categorizing events

Two kinds of events:

  • Interrupts
    • These are external
      • Device finishes I/O, timer expires, etc.
  • Exceptions
    • Caused by executing instructions
      • CPU requires software intervention to handle a fault or trap

Two reasons for events

  • Deliberate
  • Unexpected

Faults

These are exceptions that are unexpected

  • Upon exception, hardware “faults”
    • Must save state (PC, regs, mode, etc.) so that the faulting process can be restarted.
  • Fault exceptions are a performance optimization
    • Could detect faults by inserting extra instructions into code (at a significant performance penalty)

Handling Faults

Some faults are benign, and should be handed by “fixing” the exception condition:

  • The program should continue as expected

Some faults are handled by notifying the process

  • The program can register an event (signal) handler for a fault (e.g., divide by zero) which the OS executes when the fault is encountered.

The kernel may handle unrecoverable faults by killing the user process

  • This may occur when the program faults with no registered handler
  • Involves halting prices, writing process state to file, destroy process
  • In Unix, this is the default action for many signals (e.g., SIGSEGV)

What about faults in the Kernel?

  • These are considered fatal, as the operating system crashes
  • Examples: Unix panic, Windows “Blue screen of death”
    • Kernel is halted, state dumped to a core file, machine locked up

System Calls

For a user program to do something “privileged” (e.g., I/O) it must call an OS procedure.

  • Known as crossing the protection boundary, or protected procedure call, or protected control transfer

CPU ISA provides a system call instruction that:

  • Causes an exception, which vectors to a kernel handler
  • Passes a parameter determining the system routine to call
  • Saves a caller state (PC, regs, mode) o it can be restored
  • Returning from system call restores this state

This transfers control to the Operating System. A system call is a function provided through the OS API.

Requires architectural support to:

  • Verify input parameters (e.g., valid addresses for buffers)
  • Restores saved state, reset mode, resume execution.

Interrupts

Interrupts signal asynchronous events

  • I/O hardware interrupts
  • Software and hardware timers

Come in two flavors

  • Precise:
    • CPU transfers control only on instruction boundaries
  • Imprecise:
    • CPU transfers control in the middle of instruction execution
  • OS designers like precise interrupts, CPU designers like imprecise interrupts

Timers

The fallback mechanism by which the OS reclaims control over the machine

Setting the timer is a privileged instruction When timer expires, generates an interrupt!

I/O

Completion

  • Interrupts are the basis for asynchronous I/O
    • The I/O device fires an interrupt signal to tell the CPU when it is done
  • This allows the CPU to not have to wait for slow I/O operations to complete before continuing with execution.