CS162 Operating Systems and Systems Programming Lecture 12 Protection (continued) Address TranslationReview: Multi-Level Feedback SchedulingReview: Lottery Scheduling ExampleReview: Important Aspects of Memory MultiplexingGoals for TodayDual-Mode OperationFor Protection, Lock User-Programs in AsylumHow to get from KernelUserUserKernel (System Call)System Call ContinuedUserKernel (Exceptions: Traps and Interrupts)Additions to MIPS ISA to support Exceptions?Details of Cause RegisterIntel x86 Special RegistersCommunicationAdministriviaSimple Segmentation: Base and LimitBase and Limit segmentation discussionCons for Simple Segmentation MethodMore Flexible SegmentationImplementation of Multi-Segment ModelExample: Four Segments (16 bit addresses)Example of segment translationObservations about SegmentationSchematic View of SwappingPaging: Physical Memory in Fixed Size ChunksHow to Implement Paging?What about Sharing?Simple Page Table DiscussionMulti-level TranslationWhat about Sharing (Complete Segment)?Another common example: two-level page tableMulti-level Translation AnalysisInverted Page TableClosing thought: Protection without HardwareSummary (1/2)Summary (2/2)CS162Operating Systems andSystems ProgrammingLecture 12Protection (continued)Address TranslationOctober 10, 2005Prof. John Kubiatowiczhttp://inst.eecs.berkeley.edu/~cs162Lec 12.210/10/05 Kubiatowicz CS162 ©UCB Fall 2005Review: Multi-Level Feedback Scheduling•Another method for exploiting past behavior–First used in CTSS–Multiple queues, each with different priority»Higher priority queues often considered “foreground” tasks–Each queue has its own scheduling algorithm»e.g. foreground – RR, background – FCFS»Sometimes multiple RR priorities with quantum increasing exponentially (highest:1ms, next:2ms, next: 4ms, etc)•Adjust each job’s priority as follows (details vary)–Job starts in highest priority queue–If timeout expires, drop one level–If timeout doesn’t expire, push up one level (or to top)Long-Running ComputeTasks Demoted to Low PriorityLec 12.310/10/05 Kubiatowicz CS162 ©UCB Fall 2005Review: Lottery Scheduling Example•Lottery Scheduling Example–Assume short jobs get 10 tickets, long jobs get 1 ticket–What if too many short jobs to give reasonable response time? »In UNIX, if load average is 100, hard to make progress»One approach: log some user out# short jobs/# long jobs% of CPU each short jobs gets% of CPU each long jobs gets1/1 91% 9%0/2 N/A 50%2/0 50% N/A10/1 9.9% 0.99%1/10 50% 5%Lec 12.410/10/05 Kubiatowicz CS162 ©UCB Fall 2005Review: Important Aspects of Memory Multiplexing•Controlled overlap:–Separate state of threads should not collide in physical memory. Obviously, unexpected overlap causes chaos!–Conversely, would like the ability to overlap when desired (for communication)•Translation: –Ability to translate accesses from one address space (virtual) to a different one (physical)–When translation exists, processor uses virtual addresses, physical memory uses physical addresses–Side effects:»Can be used to avoid overlap»Can be used to give uniform view of memory to programs•Protection:–Prevent access to private memory of other processes»Different pages of memory can be given special behavior (Read Only, Invisible to user programs, etc).»Kernel data protected from User programs»Programs protected from themselvesLec 12.510/10/05 Kubiatowicz CS162 ©UCB Fall 2005Goals for Today•Finish discussion of protection•Address Translation SchemesNote: Some slides and/or pictures in the following areadapted from slides ©2005 Silberschatz, Galvin, and GagneLec 12.610/10/05 Kubiatowicz CS162 ©UCB Fall 2005Dual-Mode Operation•To Assist with Protection, Hardware provides at least two modes (Dual-Mode Operation):–“Kernel” mode (or “supervisor” or “protected”)–“User” mode (Normal program mode)–Mode set with bits in special control register only accessible in kernel-mode•Intel processor actually has four “rings” of protection:–PL (Priviledge Level) from 0 – 3»PL0 has full access, PL3 has least–Privilege Level set in code segment descriptor (CS)–Mirrored “IOPL” bits in condition register gives permission to programs to use the I/O instructions–Typical OS kernels on Intel processors only use PL0 (“user”) and PL3 (“kernel”)Lec 12.710/10/05 Kubiatowicz CS162 ©UCB Fall 2005For Protection, Lock User-Programs in Asylum•Idea: Lock user programs in padded cell with no exit or sharp objects–Cannot change mode to kernel mode–User cannot modify page table mapping –Limited access to memory: cannot adversely effect other processes»Side-effect: Limited access to memory-mapped I/O operations (I/O that occurs by reading/writing memory locations)–Limited access to interrupt controller –What else needs to be protected?•A couple of issues–How to share CPU between kernel and user programs? »Kinda like both the inmates and the warden in asylum are the same person. How do you manage this???–How do programs interact?–How does one switch between kernel and user modes?»OS user (kernel user mode): getting into cell»User OS (user kernel mode): getting out of cellLec 12.810/10/05 Kubiatowicz CS162 ©UCB Fall 2005How to get from KernelUser•What does the kernel do to create a new user process?–Allocate and initialize address-space control block–Read program off disk and store in memory–Allocate and initialize translation table »Point at code in memory so program can execute»Possibly point at statically initialized data–Run Program:»Set machine registers»Set hardware pointer to translation table»Set processor status word for user mode»Jump to start of program•How does kernel switch between processes?–Same saving/restoring of registers as before–Save/restore hardware pointer to translation tableLec 12.910/10/05 Kubiatowicz CS162 ©UCB Fall 2005UserKernel (System Call)•Can’t let inmate (user) get out of padded cell on own–Would defeat purpose of protection!–So, how does the user program get back into kernel?•System call: Voluntary procedure call into kernel–Hardware for controlled UserKernel transition–Can any kernel routine be called?»No! Only specific ones.–System call ID encoded into system call instruction»Index forces well-defined interface with kernelLec 12.1010/10/05 Kubiatowicz CS162 ©UCB Fall 2005System Call Continued•What are some
View Full Document
Unlocking...