Create an abstract machine environment A nicer environment than bare hardware Consists of multiple, autonomous abstract

components Components may be in use concurrently

Coordinate the use of the components Resource manager Manage according to the policies of the

machine’s administrator

2

Exact set of functions required depends on engineering and marketing choices but each function falls in one of these categories:

Device management Process, thread, and resource

management Memory management File management

3

4

Processor(s) Main Memory Devices

Process, Thread &Resource Manager

MemoryManager

DeviceManager

FileManager

OS uses policies chosen by designer or system administrator to manage Allocation Isolation Sharing

Device manager in two parts Device independent – provides unified

interface Device dependent – device driver: handles

those aspects unique to a device

5

6

Device-IndependentPart

Device-IndependentPart

Device-DependentPart

Device-DependentPart

Device …Device Device

Device-DependentPart

Device-DependentPart

Device-DependentPart

Device-DependentPart

7

ApplicationProcess

ApplicationProcess

FileManager

FileManager

Device Controller

CommandCommand StatusStatus DataData

Hardware Interface

System Interface

Device-IndependentDevice-Independent

Device-DependentDevice-Dependent

8

read(device, …);

Data

Device Controller

CommandCommand StatusStatus DataData

read driver

write driver

1

2

4

5Hardware Interface

System Interface

Device Status Table

DeviceHandler

DeviceHandler

InterruptHandler

InterruptHandler

6

7

8a

8b

9

3

9

10

11

ProtectionProtection

DeadlockDeadlockSynchronizationSynchronization

ProcessDescription

ProcessDescription

ResourceManager

ResourceManagerResource

Manager

ResourceManagerResource

Manager

ResourceManager

Process Mgr

SchedulerScheduler

CPUCPU

Other H/WOther H/W

12

…

Processor

PrimaryMemory

AbstractResources

MultiprogrammingMultiprogramming

ThreadAbstraction

ThreadAbstraction

ProcessAbstraction

ProcessAbstraction Generic

ResourceManager

GenericResourceManager

OtherOther

13

PrimaryMemory

ProcessManager

ProcessManager

BlockAllocation

BlockAllocation

VirtualMemory

VirtualMemory

Isolation &Sharing

Isolation &Sharing

StorageDevices

14

15

16

17

18

Scheduler

IPC

Process/ThreadAdmin

Synchronization

MemoryAllocation

VirtualMemory

FileManagement

DeviceManagement

ResourceManagement

DeadlockManagement

ProtectionMechanisms

InterruptHandler

19

ApplicationSoftware

ApplicationSoftware

Other SystemSoftware

Other SystemSoftware

Other OS FunctionsOther OS Functions

Kernel FunctionsKernel Functions

ApplicationSoftware

ApplicationSoftware

Other SystemSoftware

Other SystemSoftware

Other OS FunctionsOther OS Functions

Nucleus Functions

ApplicationSoftware

ApplicationSoftware

Other SystemSoftware

Other SystemSoftware

Other OS FunctionsOther OS Functions

Nucleus Functions

ApplicationSoftware

ApplicationSoftware

Other SystemSoftware

Other SystemSoftware

Other OS FunctionsOther OS Functions

Skeletal NucleusNucleus Functions

(a) Monolithic (b) Modular (microkernel)

(c) Extensible (d) Layered

Two recurring issues in design Performance Exclusive use of resources

Three basic implementation mechanisms Processor modes Kernels Method of invoking system service

20

Must be as efficient as possible in use of resources (especially processor and memory)

Every design issue MUST be evaluated wrt its contribution to functionality of system AND its impact on performance

Seek to minimize “overhead” of the system wrt the applications running on the system

Increased hardware performance does allow added functionality in spite of inefficiency

21

22

Multiprogramming resource sharing Therefore, need software-controlled

resource isolation Security policy: Sharing strategy chosen

by computer’s owner Protection mechanism: Tool to implement

a family of security policies

23

Security depends on correct operation of software trusted vs. untrusted software

Need to insure that untrusted software cannot change trusted software

Can limit the function of the OS Guiding a manned spaceship Managing a nuclear reactor

24

Mode bit: Supervisor or User mode Some processors may have more than one

mode Supervisor mode (privileged, protected)

Can execute all machine instructions Can reference all memory locations

User mode Can only execute a subset of instructions Can only reference a subset of memory

locations

25

Ensures proper operation of a computer system Protect the operating system and all other

programs and their data from any malfunctioning program

Protection is needed for any shared resource Trusted OS software runs in supervisor

mode All other software runs in user mode

26

Supervisor mode all instructions are legal all addresses are absolute physical addresses

(base and bound are not used) User mode

instructions that modify control registers are illegal

all addresses must be less than bound and have base added to them

27

Instructions that can only be executed in the supervisor mode are called supervisor, privileged, or protected instructions

I/O instructions are privileged instructions A user program in user mode cannot perform its

own I/O Instruction to change the mode is a

privileged instruction Instruction to set the halt flag is a privileged

instruction

28

When A is using processor, register points to its object

When B is using processor, register does not point to A’s object

29

Process AProcess A

SupervisorProgram

SupervisorProgram

A’s ProtectedObject

A’s ProtectedObject

Processor

Process BProcess B

Kernels Critical parts of OS that run in supervisor

mode Have access to other parts of the kernel

Trusted software Extensions to the OS execute in user

mode The trap instruction is used to switch

from user to supervisor mode, entering the OS

30

31

SMode

TrustedCode

trap

User Supervisor

Branch Table

2

3

1

32

…fork();…

fork() {…trap N_SYS_FORK()…}

sys_fork()

sys_fork() {/* system function */ … return;}

KernelTrap Table

Two techniques System call Message

passing

33

call(…);

trap

return;

For the system through a trap instruction which causes an

interrupt Hardware saves PC and current status information Hardware changes mode to system mode Hardware loads PC from system call interrupt

vector location. Execute the system call interrupt handler return from the handler, restores PC and other

saved status information User process continues.

34

35

…fork();…

fork() {…trap N_SYS_FORK()…}

sys_fork()

sys_fork() {/* system function */ … return;}

KernelTrap Table

Parameter passing Through registers

System call number passed through register Parameters are passed through registers Returned value is also passed through a register

to C/C++ Through a table in memory

Pass the address of the table in a register Through the stack

Push the parameters on the stack by the user program

Pop the parameters off the stack by the O.S.

36

37

User Space Kernel Space

fork();

sys_fork() {

}

Thread

Two techniques System call Message

passing

38

send(…, A, …);receive(…, B, …);

receive(…A, …); …send(…, B, …);

send/receive

39

Processor(s) Main Memory Devices

Process, Thread &Resource Manager

MemoryManager

DeviceManager

FileManager

UNIX MACH MS-DOS Windows NT OS/2 MacOS

40

One of the most popular operating systems First version released in 1969

By Ken Thompson & Dennis Ritchie at Bell Labs ACM Turing Award – 1983 National Medal of Technology – 1999 Japan Prize for Information and Communications –

2011 Widely used in universities and research

organizations Time-sharing system Supports multiple processes Disk files and I/O devices are treated similarly

41

42

Written in a high-level language. Distributed in source form. Provided powerful operating-system

primitives on an inexpensive platform. Small size, modular, clean design.

43

Designed to be a time-sharing system Has a simple standard user interface that

can be replaced. File system with multilevel tree-

structured directories. Files are supported by the kernel as

unstructured sequences of bytes. Supports multiple processes; a process

can easily create new processes. High priority given to making system

interactive, and providing facilities for program development.

44

45

LibrariesLibraries CommandsCommands

Device DriverDevice Driver

Interactive User

ApplicationPrograms

ApplicationPrograms

OS System Call Interface

Device DriverDevice Driver

Device DriverDevice Driver

Dri

ver

Inte

rfac

eD

rive

r In

terf

ace

…Monolithic Kernel Module•Process Management•Memory Management•File Management•Device Mgmt Infrastructure

Trap Table

…

UNIX is copyrighted – now supported by SCO long litigious story there!

Open source variations freebsd

www.freebsd.org/availability.html Linux

many distributions

46

32-bit preemptive multitasking operating system for modern microprocessors.

Key goals for the system: portability security POSIX compliance multiprocessor support extensibility international support compatibility with MS-DOS and MS-Windows applications.

Uses a micro-kernel architecture. Available in two versions, Windows NT Workstation

and Windows NT Server. In 1996, more NT server licenses were sold than UNIX

licenses

47

48

Processor(s) Main Memory Devices

LibrariesLibraries

ProcessProcess

ProcessProcess

ProcessProcess

SubsystemSubsystemUser

SubsystemSubsystem SubsystemSubsystem

Hardware Abstraction LayerHardware Abstraction LayerNT Kernel

NT ExecutiveI/O SubsystemI/O Subsystem

TT

TT

TT T T

T

Process ManagementMemory ManagementFile ManagementDevice Mgmt Infrastructure

In 1988, Microsoft decided to develop a “new technology” (NT) portable operating system that supported both the OS/2 and POSIX APIs.

Originally, NT was supposed to use the OS/2 API as its native environment but during development NT was changed to use the Win32 API, reflecting the popularity of Windows 3.0.

49

Extensibility — layered architecture. NT executive, which runs in protected mode,

provides the basic system services. On top of the executive, several server

subsystems operate in user mode. Modular structure allows additional

environmental subsystems to be added without affecting the executive.

50

Portability — NT can be moved from one hardware architecture to another with relatively few changes. Written in C and C++. Processor-dependent code is isolated in a

dynamic link library (DLL) called the “hardware abstraction layer” (HAL).

Reliability — NT uses hardware protection for virtual memory, and software protection mechanisms for operating system resources.

51

Compatibility — applications that follow the IEEE 1003.1 (POSIX) standard can be complied to run on NT without changing the source code.

Performance — NT subsystems can communicate with one another via high-performance message passing. Preemption of low priority threads enables the

system to respond quickly to external events. Designed for symmetrical multiprocessing.

International support — supports different locales via the national language support (NLS) API.

52

Layered system of modules. Protected mode — HAL, kernel,

executive. User mode — collection of subsystems

Environmental subsystems emulate different operating systems.

Protection subsystems provide security functions.

53