COMP 630: OS Implementation
x86 Memory Protection and Translation
Don Porter

Logical Diagram

[Figure: diagram of OS components spanning user, kernel and hardware: binary formats, memory allocators, system calls, threads, RCU, file system, networking, sync, memory management, device drivers, CPU scheduler, interrupts, disk, net, consistency. Today's lecture: memory management (focus on hardware ABI).]

Lecture Goal

- Understand the hardware tools available on a modern x86 processor for manipulating and protecting memory
- Lab 2: You will program this hardware
- Apologies: Material can be a bit dry, but important
  - Plus, slides will be good reference
- But, cool tech tricks:
  - How does thread-local storage (TLS) work?
  - An actual (and tough) Microsoft interview question

Undergrad Review

- What is:
  - Virtual memory?
  - Segmentation?
  - Paging?

Memory Mapping

[Figure: Process 1 and Process 2 each have their own virtual memory containing address 0x1000, mapped onto physical memory. Only one physical address 0x1000.]

    // Program expects (*x) to always be at address 0x1000
    int *x = 0x1000;

Two System Goals

1) Provide an abstraction of contiguous, isolated virtual memory to a program
2) Prevent illegal operations
  - Prevent access to other application or OS memory
  - Detect failures early (e.g., segfault on address 0)
  - More recently, prevent exploits that try to execute program data

Outline

- x86 processor modes
- x86 segmentation
- x86 page tables
- Advanced Features
- Interesting applications/problems

x86 Processor Modes

- Real mode: walks and talks like a really old x86 chip
  - State at boot
  - 20-bit address space, direct physical memory access
    - 1 MB of usable memory
  - Segmentation available (no paging)
- Protected mode: Standard 32-bit x86 mode
  - Segmentation and paging
  - Privilege levels (separate user and kernel)

x86 Processor Modes

- Long mode: 64-bit mode (aka amd64, x86_64, etc.)
  - Very similar to 32-bit mode (protected mode), but bigger
  - Restrict segmentation use
  - Garbage collect deprecated instructions
    - Chips can still run in protected mode with old instructions
- Even more obscure modes we won't discuss today

Translation Overview

    0xdeadbeef  --Segmentation-->  0x0eadbeef  --Paging-->  0x6eadbeef
    Virtual Address                Linear Address           Physical Address

- Protected/Long mode only
- Segmentation cannot be disabled!
  - But can be a no-op (aka flat mode)

x86 Segmentation

- A segment has:
  - Base address (linear address)
  - Length
  - Permissions

Programming model

- Segments for: code, data, stack, "extra"
  - A program can have up to 6 total segments
  - Segments identified by registers: cs, ds, ss, es, fs, gs
- Prefix all memory accesses with desired segment:
  - mov eax, ds:0x80 (load offset 0x80 from data into eax)
  - jmp cs:0xab8 (jump execution to code offset 0xab8)
  - mov ss:0x40, ecx (move ecx to stack offset 0x40)

Segmented Programming (Pseudo-example)

    // global int x = 1
    int y; // stack
    if (x) {
        y = 1;
        printf("Boo");
    } else
        y = 0;

With explicit segments:

    ds:x = 1; // data
    ss:y; // stack
    if (ds:x) {
        ss:y = 1;
        cs:printf(ds:"Boo");
    } else
        ss:y = 0;

Segments would be used in assembly, not C.

Programming, cont.

- This is cumbersome, so infer code, data and stack segments by instruction type:
  - Control-flow instructions use code segment (jump, call)
  - Stack management (push/pop) uses stack
  - Most loads/stores use data segment
- Extra segments (es, fs, gs) must be used explicitly

Segment management

- For safety (without paging), only the OS should define segments. Why?
- Two segment tables the OS creates in memory:
  - Global: any process can use these segments
  - Local: segment definitions for a specific process
- How does the hardware know where they are?
  - Dedicated registers: gdtr and ldtr
  - Privileged instructions: lgdt, lldt

Segment registers

    | Table Index (13 bits) | Global or Local Table? (1 bit) | Ring (2 bits) |

- Set by the OS on fork, context switch, etc.

Segments Illustrated

[Figure: cs = 0x8 (low 3 bits 0; index 1, the 4th bit) and ds = 0xf select entries in the table that gdtr points to.]

    Base        Length
    0           0B
    0x123000    1MB
    0x423000    1MB

    call cs:0xf150: 0x123000 + 0xf150 -> 0x123150

Sample Problem: (Old) JOS Bootloader

- Suppose my kernel is compiled to be in upper 256 MB of a 32-bit address space (i.e., 0xf0100000)
  - Common to put OS kernel at top of address space
- Bootloader starts in real mode (only 1MB of addressable physical memory)
- Bootloader loads kernel at 0x00100000
  - Can't address 0xf0100000

Booting problem

- Kernel needs to set up and manage its own page tables
  - Paging can translate 0xf0100000 to 0x00100000
- But what to do between the bootloader and kernel code that sets up paging?

Segmentation to the Rescue!

- kern/entry.S:
  - What is this code doing?

    mygdt:
      SEG_NULL                                   # null seg
      SEG(STA_X|STA_R, -KERNBASE, 0xffffffff)    # code seg
      SEG(STA_W, -KERNBASE, 0xffffffff)          # data seg

JOS ex 1, cont.

    SEG(STA_X|STA_R, -KERNBASE, 0xffffffff)    # code seg

- Execute and Read permission
- Offset: -0xf0000000
- Segment Length (4 GB)

    jmp 0xf01000db8                  # virtual addr. (implicit cs seg)
    jmp (0xf01000db8 + -0xf0000000)
    jmp 0x001000db8                  # linear addr.

Flat segmentation

- The above trick is used for booting. We eventually want to use paging.
- How can we make segmentation a no-op?
- From kern/pmap.c:

    // 0x8 - kernel code segment
    [GD_KT >> 3] = SEG(STA_X | STA_R, 0x0, 0xffffffff, 0),

- Execute and Read permission
- Offset: 0x00000000
- Segment Length (4 GB)
- Ring 0

Outline

- x86 processor modes
- x86 segmentation
- x86 page tables
- Advanced Features
- Interesting applications/problems

Paging Model

- 32 (or 64) bit address space
- Arbitrary mapping of linear to physical pages
- Pages are most commonly 4 KB
  - Newer processors also support page sizes of 2 MB and 1 GB

How it works

- OS creates a page table
  - Any old page with entries formatted properly
  - Hardware interprets entries
- cr3 register points to the current page table
  - Only ring0 can change cr3
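Added example (not from the original slides): a simplified C model of the selector decoding and base-plus-offset translation described in the segmentation slides above, showing that the boot GDT's -KERNBASE base maps 0xf0100000 to 0x00100000 through 32-bit wraparound, and that an offset past the segment length is rejected. The struct layout, function names and the 1 MB test segment are assumptions for illustration; only the global table is modelled.

```c
#include <stdint.h>
#include <stdio.h>

#define KERNBASE 0xf0000000u              /* kernel link base, from the slides */

/* Simplified descriptor (illustrative; real x86 descriptors pack these
 * fields into 8 bytes). limit is the last valid offset in the segment. */
struct seg { uint32_t base, limit; };

/* Selector layout from the "Segment registers" slide: index:13 | TI:1 | ring:2 */
static unsigned sel_index(uint16_t sel) { return sel >> 3; }
static unsigned sel_local(uint16_t sel) { return (sel >> 2) & 1; }
static unsigned sel_ring(uint16_t sel)  { return sel & 3; }

/* Boot-time GDT as in kern/entry.S: base -KERNBASE wraps to 0x10000000. */
static const struct seg boot_gdt[] = {
    { 0, 0 },                              /* null seg */
    { 0u - KERNBASE, 0xffffffffu },        /* code seg */
    { 0u - KERNBASE, 0xffffffffu },        /* data seg */
};
/* Flat code segment as in kern/pmap.c, plus a constructed 1 MB segment. */
static const struct seg flat_gdt[] = {
    { 0, 0 }, { 0x0, 0xffffffffu }, { 0x123000u, 0xfffffu },
};

/* Returns the linear address, or -1 where hardware would fault. Only the
 * global table is modelled, so a selector with TI=1 is rejected. */
static int64_t seg_translate(const struct seg *gdt, unsigned n,
                             uint16_t sel, uint32_t off)
{
    unsigned i = sel_index(sel);
    if (sel_local(sel) || i == 0 || i >= n)
        return -1;                         /* null, local or out-of-table */
    if (off > gdt[i].limit)
        return -1;                         /* offset beyond segment length */
    return (uint32_t)(gdt[i].base + off);  /* 32-bit add wraps modulo 2^32 */
}

int main(void)
{
    printf("0xf: index=%u local=%u ring=%u\n",
           sel_index(0xf), sel_local(0xf), sel_ring(0xf));
    printf("boot cs:0xf0100000 -> %#llx\n",
           (unsigned long long)seg_translate(boot_gdt, 3, 0x8, 0xf0100000u));
    printf("flat cs:0xf0100000 -> %#llx\n",
           (unsigned long long)seg_translate(flat_gdt, 3, 0x8, 0xf0100000u));
    printf("1MB seg, offset 0x100000 -> %lld\n",
           (long long)seg_translate(flat_gdt, 3, 0x10, 0x100000u));
    return 0;
}
```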