CMSC421

1
CMSC421

• Chapter 22
• Operating System Concepts
• Windows XP

2
Windows XP

• Windows XP operating system is a 32/64-bit
  preemptive multitasking operating system for AMD
  K6/K7, Intel IA32/IA64 and later microprocessors.
  It is the successor to Windows NT/2000 and the
  replacement for Windows 95/98.

3
History

• Many features are from NT/2000.
• Uses a client-server architecture (like Mach) to
  implement multiple operating system
  personalities, such as Win32 and POSIX.
• Comes in two versions, Personal and Professional.

4
Design Principles

• Security
• Reliability
• Windows and POSIX Application Compatibility
• High Performance
• Extensibility
• Portability
• International Support

5
Security

• Adherence to the design standards to receive U.S.
  Government C-2 security designation.
• Extensive code review and testing, plus use of
  sophisticated automatic analysis tools to
  investigate potential defects that might
  represent security vulnerabilities.

6
Reliability

• Used extensive manual and automatic code review
  to identify over 63,000 lines in the source files
  that might contain issues not detected by
  testing.
• Extends driver verification to catch more subtle
  bugs, improves the facilities for catching
  programming errors in user-level code,.

7
Reliability -- II

• Subjects third party applications, drivers and
  devices to a rigorous certification process.
• New facilities for monitoring the health of the
  PC including downloading fixes for problems
  before they are encountered by the users.

8
Windows/ POSIX Application Compatibility

• Application compatibility is difficult to achieve
  because each application checks for a particular
  version of Windows, may have dependence on the
  quirks of the implementation of APIs.
• XP introduces a compatibility layer that falls
  between applications and the Win32 API. This
  layer makes XP look bug-for-bug compatible with
  previous versions of Windows.

9
Windows/ POSIX Application Compatibility -- II

• Maintains support for running many 16-bit
  applications using a thunking layer that
  translates 16-bit API calls into equivalent
  32-bit calls.
• 64-bit version provides a thunking layer that
  translates 32-bit API calls into native 64-bit
  calls.

10
Windows/ POSIX Application Compatibility -- III

• POSIX support is a POSIX subsystem called
  Interix.
• Most available UNIX-compatible software compiles
  and runs under Interix without modification.

11
High Performance

• Desktop systems are largely constrained by I/O
  performance.
• Servers, and large multi-threaded and
  multi-processor environments are often
  constrained by CPU. Locking and cache-line
  management are key to scalability.

12
High Performance Techniques

• Asynchronous I/o
• Optimized protocols for networks
• Kernel-based graphics
• Sophisticated caching of file-system data.
• Memory management
• Synchronization algorithms
• Reducing code-path length in critical functions.

13
High Performance Techniques -- II

• Using better algorithms and per-processor data
  structures.
• Implementing more scalable locking protocols.
• Except while executing in the kernel dispatcher,
  threads in the subsystems of Windows XP can be
  preempted by higher-priority threads.

14
Extensibility

• Used a layered architecture.
• Uses environmental subsystems to emulate
  different operating systems (DOS, Windows,
  POSIX).
• Uses loadable drivers in the I/O system.
• Uses RPCs for distributed processing.

15
Portability

• Can be moved from one hardware architecture to
  another with relatively few changes.
• Majority of the system is written in C and C.
• Processor-dependent code is isolated in DLL
  called hardware-abstraction layer (HAL).

16
Portability -- II

• Only shipped on IA32 compatible platforms, it was
  also tested on DEC Alpha.
• Maintaining portability is a matter of use it or
  loss it.

17
International Support

• Uses National Language Support API.
• Uses UNICODE as the native language character
  code.
• ASCII is converted to UNICODE.
• System text strings are kept in resource files
  that can be replaced to localize the system for
  different languages.
• Multiple locales can be used concurrently.

18
System Components

• Hardware-Abstraction Layer
• Kernel
• Executive

19
(No Transcript)
20
Hardware Abstraction Layer

• HAL is the layer of software that hides hardware
  differences from upper levels of the operating
  system.
• HAL exports a virtual-machine interface that is
  used by the kernel dispatcher, the executive, and
  the device drivers.
• Only a single version of each device driver is
  required.

21
Kernel

• Kernel Dispatcher
• Threads and Scheduling
• Implementation of Synchronization Primitives
• Software Interrupt Async Proc Calls
• Software Interrupt Deferred Proc Calls
• Exceptions and Interrupts

22
Kernel -- II

• Is object oriented
• An object type is a system defined data type with
  a set of attributes and a set of methods.
• An object is an instance of an object type.
• The kernel performs its job by using a set of
  kernel objects whose attributes shore the kernel
  data, and whose methods perform the kernel
  activities.

23
Kernel Dispatcher

• Provides the foundation for the executive and
  subsystems
• Most is never paged out
• Can not be preempted

24
Kernel Dispatcher Responsibilities

• Thread scheduling
• Implementation of synch primitives
• Timer management
• Software interrupts
• Exception dispatching

25
Threads and Scheduling

• Uses processes and threads for executable code.
• Process has a virtual memory address space and
  information to initialize each thread.
• Each thread is an executable unit dispatched by
  the kernel.

26
Thread states

• Ready
• Standby
• running
• waiting
• transition
• terminated

27
Priority scheme

• 32-level scheme
• Variable class (0 - 15)
• Real-time class (16 - 31)
• Uses a queue for each priority

28
Implementation of Synchronization Primitives

• Dispatcher objects control dispatching and
  synchronization
• Event objects record an event occurrence
• Mutant provides mutex
• Semaphore object acts as a counter or a gate
• Thread object is the entity that is scheduled
• Timer objects keep track of time

29
Asynchronous Procedure Call

• Break into an executing thread and call
  procedure.
• APCs are used to begin execution of a new thread,
  terminate processes, and deliver notification
  that an asynch I/O has completed.
• Queued to a specific thread
• Allow the system to execute both system and user
  code within a process context

30
Deferred Procedure Call

• DPCs are used to postpone interrupt processing.
• Process timer expirations
• Preempt thread execution at end of scheduling
  quantum

31
Exceptions and Interrupts

• Architecture-independent exceptions
• memory-access violation
• integer and floating point divide by zero
• overflow or underflow
• illegal instruction
• data misalignment
• privileged instruction
• page read error, etc

32
Exceptions

• Trap handlers deal with simple exceptions
• More elaborate handling is performed by the
  kernels exception dispatcher.
• If no handler is found, a system error occurs and
  results in a blue screen of death
• Exception handing is more complex for user-mode
  processes

33
Exceptions -- II

• The interrupt dispatcher in the kernel handles
  interrupts by calling an Interrupt Service
  Routine (ISR) supplied by a device driver or a
  kernel trap handler routine.
• For portability, the interrupt dispatcher maps
  hardware interrupts into a standard set.

34
Executive

• Provides a set of services that all environmental
  subsystems use
• Object manager
• Virtual memory manager
• Process manager
• Local procedure call facility
• I/O manager
• Security reference monitor
• Plug-and-play and security managers
• registry
• booting

35
Object Manager

• A generic set of interfaces for managing the
  kernel-mode entities that is manipulated by
  user-mode programs.
• Examples
• semaphores
• mutexes
• events
• processes
• threads

36
Handles

• Each process has an object table that track the
  objects used by the process
• User-mode code accesses these objects using an
  opaque value called a handle that is returned by
  many APIs.
• Object handles can be created by duplicating an
  existing handle, either from either the same or
  different process.

37
Virtual Functions

• Objects are manipulated by a set of virtual
  functions with implementations provided by each
  object type
• query - gets objects name
• parse - search for an object given the objects
  name
• security - makes security checks on all object
  operations.

38
Virtual Memory Manager

• The design of the VM Manager assumes that the
  underlying hardware supports virtual-to-physical
  mapping, a paging mechanism, transparent cache
  coherence on multiprocessor systems and allows
  multiple page-table entries to map to the same
  physical page frame.

39
Virtual Memory Manager -- II

• On IA32 processors each process has a 4GB virtual
  address space.
• The upper 2GB are mostly identical for all
  processes, and are used by Windows XP in kernel
  mode to access the operating system code and data
  structures.
• Key areas that are not identical are page table
  self-map, hyperspace and session space.

40
Page Table Self-map

• The hardware uses a processs page tables using
  physical page-frame numbers.
• The VM manager maps the page tables into a single
  4GB region in the process address space so they
  are accessed through virtual addresses.

41
Hyperspace

• Hyperspace maps the current process working set
  information into the kernel-mode address.

42
Session Space

• Session space is used to share the win32 and
  other session-specific drivers between all the
  processes in the same terminal-server session
  rather than with all the processes in the system.

43
Process Manager

• Provides services for creating, deleting, and
  using processes, threads, and jobs.
• It has no knowledge about parent-child
  relationships left to environmental subsystems.
• Processes contain one or more threads.
• Processes can be collected together into job
  objects.

44
Process Creation

• Once a new process is created, the initial thread
  is created and an APC (Async Procedure Call) is
  delivered to the thread to prompt the start of
  execution at the user-mode image loader
  (ntdll.DLL).
• Also supports a UNIX fork( ) style of process
  creation.

45
Local Procedure Call Facility

• XP uses a client-server model.
• Environmental subsystems are servers that
  implement particular operating system
  personalities.
• XP uses LPCs to pass requests and results
  (messages) between client and server processes
  within a single machine.

46
I/O Manager

• Responsible for file-systems, device drivers, and
  network drivers.
• Works with VM to provide memory mapped I/O
  operations.
• Is fundamentally asynchronous.
• Device drivers are written according to the
  Windows Driver Model (WDM) specification.

47
WDM

• Because of the richness of the WDM, it can be an
  excessive amount of work to write a full WDM
  device driver for each new hardware device.

48
Cache Manager

• Centralized facility.
• Works with file-system and VM mangers.
• Caching in XP is based on files rather than raw
  blocks.
• Size of the cache changes dynamically.

49
Cache

• Cache is divided into blocks of 256KB.
• Each block can hold a memory-mapped region (view)
  of a file.
• Each cache block is described by a
  virtual-address control block (VACB) that stores
  the virtual address and file offset of the view.

50
Security Reference Monitor

• Centralized management of system entities in the
  object manager enables the use of a uniform
  mechanism to perform run-time access validation
  and audit checks for every user-accessible entity
  in the system.

51
Security Tokens

• The SRM is responsible for manipulating the
  privileges in security tokens.
• Special privileges are required to perform back
  or restore operations, overcome certain checks as
  an administrator, debug processes, etc.
• Restricted tokens used to restrict the damage of
  untrusted code.

52
Logging

• The SRM is logging security audit events. A C2
  rating requires the ability to detect and log all
  unauthorized attempts to access system resources.

53
Plug-and-Play Managers

• Recognizes and adapts to changes in the hardware
  configuration.
• For PnP to work, both the device and driver must
  support the PnP standard.
• Must be able to change the interrupts
  dynamically.
• Must support dynamically configurable resources.

54
Registry

• Configuration information is stored in an
  internal database -- the registry.
• Entries (hives) are for system information,
  default user preferences, software installation,
  and security.
• Used to boot the system.

55
Booting

• Sequence
• power on
• BIOS begins executing
• boot loader (NTLDR)
• determines boot device
• loads Hardware-Abstraction Library
• loads kernel and system hive
• loads drivers

56
Booting -- II

• Begins kernel execution
• Creates 2 threads
• system process for all internal worker threads
• user-mode SMSS (similar to UNIX init process)
• finishes initialization
• creates WINLOGON
• creates CSRSS (Win32 subsystem)

57
Environmental Subsystem

• Is user-mode processes layered over the native
  windows XP exec servers to run programs developed
  for other Oss (16-bit Windows, DOS, and POSIX).
• Win32 calls the VM manager to load the executable
  code and return what type the application is.

58
Environmental Subsystem - II

• Uses LPC subsystem to provide OS services to
  client processes.
• Since each subsystem is run as a separate
  user-mode process, a crash in one has no effect
  on other processes. The exception is in Win32,
  which provides all keyboard, mouse, and graphical
  display capabilities -- If it fails, the system
  requires a reboot.

59
MS-DOS Environment

• Virtual DOS Machine emulates Intel 486
  instructions, emulates MS-DOS ROM DIOS and INT
  21h software interrupt services and has virtual
  device drivers for the screen, keyboard, and
  communication ports.
• Some MSDOS programs fail because they require
  access to the disk hardware directly.

60
16-Bit Windows Environment

• VDM has Windows on Windows (WOW32) for Windows
  3.1 software and emulates the kernel routines.
• Applications that rely on the internal structure
  of the 16-bit window manager may not work.
• Only one Win16 application can run at a time.

61
32-Bit Windows Env. On IA64

• Requires a thunking layer to translate 32-bit
  Win32 calles into the corresponding 64-bit calls.
• The implementation of 32-bit and 64-bit windows
  are essential the same, IA64 provides direction
  execution of IA32 instructions.-- higher level of
  compatibility.

62
(No Transcript)