System Calls

1
System Calls Libraries

• Vivek Pai
• Lecture 4, COS318
• Sep 24, 2002

2
Gedankundmathematics

• Recall the pointer verification case for fread( )
• Can you speed up the checking process?
• Whats the best you could achieve? O(n)? O(logn)?
  O(1)?
• What happens if you have gt32 bits?
• Aside atoms in universe 1080, or 2256
• Does this provide any other benefits?

3
Mechanics

• Project 1
• Has everyone started?
• Barring major problems, due Tuesday 1159pm
• Upcoming projects
• No more groups of 3
• Who wants partners?
• Readings updated
• Project 2 documentation in place

4
Protection Issues

• I/O protection
• Prevent users from performing illegal I/Os
• Memory protection
• Prevent users from modifying kernel code and data
  structures
• CPU protection
• Prevent a user from using the CPU for too long

5
Protection Is Not Safety/Security

• Protection is a prerequisite
• Safety can be separation of concerns
• Security related to overall design
• Examples?
• Bad pointer access causing seg fault
• Sniffing cleartext passwords on the wire

6
Support in Modern ProcessorsUser ? Kernel
An interrupt or exception (INT)

• User mode
• Regular instructions
• Access user-mode memory

• Kernel (privileged) mode
• Regular instructions
• Access user-mode memory

A special instruction (IRET)
7
Why a Privileged Mode?

• Special Instructions
• Mapping, TLB, etc
• Device registers
• I/O channels, etc.
• Mode Bits
• Processor features
• Device access

8
x86 Protection Rings
Privileged instructions Can be executed only When
current privileged Level (CPR) is 0
Level 3
Level 2
Level 1
Operating system kernel
Level 0
Operating system services
Applications
9
Other Design Approaches

• Capabilities
• Fine-grained access control
• Crypto-like tokens
• Microkernels
• OS services in user space
• Small core hypervisor

10
Monolithic
User program
User program

• All kernel routines are together
• A system call interface
• Examples
• Linux
• Most Unix OS
• NT

return
call
entry
Kernel many many things
11
Monolithic Pros and Cons

• Pros
• Relatively few crossings
• Shared kernel address space
• Performance
• Cons
• Flexibility
• Stability
• Experimentation

12
Layered Structure

• Hiding information at each layer
• Develop a layer at a time
• Examples
• THE (6 layers)
• MS-DOS (4 layers)

Level N
. . .
Level 2
Level 1
Hardware
13
Layering Pros and Cons

• Pros
• Separation of concerns
• Simplicity / elegance
• Cons
• Boundary crossings
• Performance?

14
Microkernel
User program
Services

• Micro-kernel is micro
• Services are implemented as regular process
• Micro-kernel get services on behalf of users by
  messaging with the service processes
• Examples Taos, Mach, L4

return
call
entry
m-kernel
15
Microkernel Pros and Cons

• Pros
• Easier to develop services
• Fault isolation
• Customization
• Smaller kernel gt easier to optimize
• Cons
• Lots of boundary crossings
• Really poor performance

16
Virtual Machine

• Virtual machine monitor
• provide multiple virtual real hardware
• run different OS codes
• Example
• IBM VM/370
• virtual 8086 mode
• Java
• VMWare

user
user
OS1
OSn
. . .
VM1
VMn
Small kernel
Bare hardware
17
Hardware Support

• What is the minimal support?
• Can a virtual machine be protected without such
  support?
• Hint what is a Turing machine?

18
System Call Mechanism

• User code can be arbitrary
• User code cannot modify kernel memory
• Makes a system call with parameters
• The call mechanism switches code to kernel mode
• Execute system call
• Return with results

User program
User program
return
call
entry
Kernel in protected memory
19
Interrupt and Exceptions

• Interrupt Sources
• Hardware (by external devices)
• Software INT n
• Exceptions
• Program error faults, traps, and aborts
• Software generated INT 3
• Machine-check exceptions
• See Intel document chapter 5, volume 3 for details

20
Interrupt and Exceptions (1)
Vector Mnemonic Description Type
0 DE Divide error (by zero) Fault
1 DB Debug Fault/trap
2 NMI interrupt Interrupt
3 BP Breakpoint Trap
4 OF Overflow Trap
5 BR BOUND range exceeded Trap
6 UD Invalid opcode Fault
7 NM Device not available Fault
8 DF Double fault Abort
9 Coprocessor segment overrun Fault
10 TS Invalid TSS
21
Interrupt and Exceptions (2)
Vector Mnemonic Description Type
11 NP Segment not present Fault
12 SS Stack-segment fault Fault
13 GP General protection Fault
14 PF Page fault Fault
15 Reserved Fault
16 MF Floating-point error (math fault) Fault
17 AC Alignment check Fault
18 MC Machine check Abort
19-31 Reserved
32-255 User defined Interrupt
22
System Calls

• Interface between a process and the operating
  system kernel
• Categories
• Process management
• Memory management
• File management
• Device management
• Communication

23
OS Kernel Trap Handler
HW Device Interrupt
Sys_call_table
System service dispatcher
System Service Call
HW exceptions SW exceptions
Virtual address exceptions
HW implementation of the boundary
24
Passing Parameters

• Affects and depends on
• Architecture
• Compiler
• OS
• Different choices for different purposes

25
Passing Parameters - Registers

• Place parameters in registers
• of registers
• of usable registers
• of parameters in system call
• Spill/fill code in compiler
• Really fast

26
Passing Parameters - Vector

• Register holds vector address
• Single register
• Vector in users memory
• Nothing horrible, just not common

27
Passing Parameters - Stack

• Place parameters on stack
• Similar to vector approach
• Stack already exists
• Gets copied anyway

Top
frame
frame
28
Library Stubs for System Calls

• Use read( fd, buf, size) as an example
• int read( int fd, char buf, int size)
• move fd, buf, size to R1, R2, R3
• move READ to R0
• int 0x80
• move result to Rresult

User stack
User memory
Registers
Kernel stack
Registers
Linux 80 NT 2E
Kernel memory
29
System Call Entry Point

• Assume passing parameters in registers
• EntryPoint
• switch to kernel stack
• save context
• check R0
• call the real code pointed by R0
• restore context
• switch to user stack
• iret (change to user mode and return)

User stack
User memory
Registers
Kernel stack
Registers
Kernel memory
30
Design Performance Issues

• Can user code lie?
• One result register large results?
• Parameters in user memory
• Multiprocessors

31
General Design Aesthetics

• Simplicity, obviousness
• Generality same call handles many cases
• Composition / decomposition
• But
• Expressiveness
• Performance

32
Separation Of Concerns

• Memory management
• Kernel allocates pages hw protection
• Programs use malloc( ) fine grained
• Kernel doesnt care about small allocs
• Allocates pages to library
• Library handles malloc/free

33
Library Benefits

• Call overhead
• Chains of alloc/free dont go to kernel
• Flexibility easy to change policy
• Fragmentation
• Coalescing, free list management
• Easier to program

34
Feedback To The Program

• System calls, libraries are program to OS
• What about other direction?
• Various exceptional conditions
• General information, like screen resize
• When would this occur?
• Answer signals