VIRTUAL MEMORY AND VIRTUAL OPERATING SYSTEMS

Similar documents
Introduction to Operating Systems Prof. Chester Rebeiro Department of Computer Science and Engineering Indian Institute of Technology, Madras

Lesson 1: Using Task Manager

Exam : Title. : A+ OS Technologies

CS3600 SYSTEMS AND NETWORKS

10 MONITORING AND OPTIMIZING

LECTURE 12. Virtual Memory

Imagenation PX Series

Paragon Exact Image. User Manual CONTENTS. Introduction. Key Features. Installation. Package Contents. Minimum System Requirements.

CS399 New Beginnings. Jonathan Walpole

BASIC OPERATIONS. Managing System Resources

CS 5523 Operating Systems: Memory Management (SGG-8)

File System NTFS. Section Seven. NTFS, EFS, Partitioning, and Navigating Folders

Memory Management Topics. CS 537 Lecture 11 Memory. Virtualizing Resources

Computer Organization and Architecture. OS Objectives and Functions Convenience Making the computer easier to use

Part 2 (Disk Pane, Network Pane, Process Details & Troubleshooting)

CHAPTER 3 RESOURCE MANAGEMENT

Lesson 2: Using the Performance Console

Virtual Memory. Chapter 8

Virtual Memory. CSCI 315 Operating Systems Design Department of Computer Science

Chapter 8 Memory Management

Introduction to Computer Systems and Operating Systems

CS 31: Intro to Systems Virtual Memory. Kevin Webb Swarthmore College November 15, 2018

IP Cam Secure Pre-Installation Notes

Move back and forth between memory and disk. Memory Hierarchy. Two Classes. Don t

Memory Management Ch. 3

Topics: Memory Management (SGG, Chapter 08) 8.1, 8.2, 8.3, 8.5, 8.6 CS 3733 Operating Systems

stack Two-dimensional logical addresses Fixed Allocation Binary Page Table

I. Ch 5 System Software

6 - Main Memory EECE 315 (101) ECE UBC 2013 W2

CS307: Operating Systems

Downloaded from various sources on the NET

About the Presentations

Virtual Memory. Daniel Sanchez Computer Science & Artificial Intelligence Lab M.I.T. November 15, MIT Fall 2018 L20-1

Tutorial on Memory Management, Deadlock and Operating System Types

Operating Systems, Fall

CS24: INTRODUCTION TO COMPUTING SYSTEMS. Spring 2018 Lecture 23

Some Basic Terminology

For The following Exercises, mark the answers True and False

ECE 7650 Scalable and Secure Internet Services and Architecture ---- A Systems Perspective. Part I: Operating system overview: Memory Management

File Systems. OS Overview I/O. Swap. Management. Operations CPU. Hard Drive. Management. Memory. Hard Drive. CSI3131 Topics. Structure.

Recall from Tuesday. Our solution to fragmentation is to split up a process s address space into smaller chunks. Physical Memory OS.

PROCESS VIRTUAL MEMORY. CS124 Operating Systems Winter , Lecture 18

V. File System. SGG9: chapter 11. Files, directories, sharing FS layers, partitions, allocations, free space. TDIU11: Operating Systems

The functionality. Managing more than Operating

OPERATING SYSTEMS SECURITY CPU & BASIC COMPUTING HARDWARE

CIS Operating Systems Memory Management Address Translation for Paging. Professor Qiang Zeng Spring 2018

Virtual Memory. CS61, Lecture 15. Prof. Stephen Chong October 20, 2011

CS24: INTRODUCTION TO COMPUTING SYSTEMS. Spring 2015 Lecture 23

CS307: Operating Systems

Memory Allocation. Copyright : University of Illinois CS 241 Staff 1

IT ESSENTIALS V. 4.1 Module 5 Fundamental Operating Systems

Chapter 8. Virtual Memory

Virtual Memory Paging

Chapter 8. Operating System Support. Yonsei University

Chapter 8 Operating Systems and Utility Programs أ.أمل زهران

Virtual Memory. Daniel Sanchez Computer Science & Artificial Intelligence Lab M.I.T. April 12, 2018 L16-1

Lab B: Configuring Disk Compression and Quotas

Virtual Memory. Patterson & Hennessey Chapter 5 ELEC 5200/6200 1

14 May 2012 Virtual Memory. Definition: A process is an instance of a running program

Week 2: Tiina Niklander

Operating Systems, Fall Lecture 5, Tiina Niklander 1

Memory. Principle of Locality. It is impossible to have memory that is both. We create an illusion for the programmer. Employ memory hierarchy

Embedded Systems Dr. Santanu Chaudhury Department of Electrical Engineering Indian Institute of Technology, Delhi

Operating Systems. Memory Management. Lecture 9 Michael O Boyle

Introduction to Operating Systems. Chapter Chapter

Distributed Systems Operation System Support

Virtual Memory. Chapter 8

John Wawrzynek & Nick Weaver

Memory Management. Memory

CS370 Operating Systems

With regard to operating systems the kernel consists of the most frequently used functions in the operating system and it kept in main memory.

Memory Management. Disclaimer: some slides are adopted from book authors slides with permission 1

CS450/550 Operating Systems

A+ Guide to Managing and Maintaining your PC, 6e. Chapter 2 Introducing Operating Systems

Operating Systems (2INC0) 2017/18

CS 134: Operating Systems

1. Creates the illusion of an address space much larger than the physical memory

CHAPTER 11: IMPLEMENTING FILE SYSTEMS (COMPACT) By I-Chen Lin Textbook: Operating System Concepts 9th Ed.

OPERATING SYSTEMS. After A.S.Tanenbaum, Modern Operating Systems 3rd edition Uses content with permission from Assoc. Prof. Florin Fortis, PhD

Memory Management - Demand Paging and Multi-level Page Tables

PARAGON ADAPTIVE RESTORE

Summer 2003 Lecture 27 07/28/03

Princeton University. Computer Science 217: Introduction to Programming Systems. The Memory/Storage Hierarchy and Virtual Memory

Performance of Various Levels of Storage. Movement between levels of storage hierarchy can be explicit or implicit

Virtual Memory. Stefanos Kaxiras. Credits: Some material and/or diagrams adapted from Hennessy & Patterson, Hill, online sources.

Computer System Overview OPERATING SYSTEM TOP-LEVEL COMPONENTS. Simplified view: Operating Systems. Slide 1. Slide /S2. Slide 2.

Install QlikView Expressor Standard and Enterprise Editions

Windows 2000 Computer Management

Quick Start Guide. MotionDV STUDIO 5.6. Cover

DISK DEFRAG Professional

CS 333 Introduction to Operating Systems. Class 11 Virtual Memory (1) Jonathan Walpole Computer Science Portland State University

Computer System Overview

Assembly Language. Lecture 2 x86 Processor Architecture

Recent Operating System Class notes 10 Administrative Tools (Part three) April 21, 2004

Operating Systems. Designed and Presented by Dr. Ayman Elshenawy Elsefy

Background. Contiguous Memory Allocation

Basic Memory Management. Basic Memory Management. Address Binding. Running a user program. Operating Systems 10/14/2018 CSC 256/456 1

Agilent Genomic Workbench 6.0

Chapter 8 & Chapter 9 Main Memory & Virtual Memory

Processes and Tasks What comprises the state of a running program (a process or task)?

Transcription:

VIRTUAL MEMORY AND VIRTUAL OPERATING SYSTEMS Course Code: Course Description: CSCI-620 OPERATING SYSTEMS SECURITY : Session: 1 Lecture Unit: CSN1 Topic: Windows virtual memory management Author: Prof. Bill Mihajlović Year: 2011/2012 Dr. R.A. Mihajlovic, 2012 Reproduction in any shape or form is prohibited. Topics Introduction Physical & virtual memory Swap space Virtual memory adjustment Single program virtual memory Removing swap paging file (PF) Tracking swap PF percentage usage OS limits on physical memory usage Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 2 1

Virtual Memory Virtual memory system has hard drive space acting like a background memory extension. Functions of Virtual Machine Manager (VMM) Stores virtual memory extension capacity in a file called a swap file Moves 4KB pages into and out of physical RAM frames Disk thrashing is a problem caused by small RAM and excess memory paging with many programs loaded. Settings you can change in Virtual Memory dialog box Minimum and maximum file size The location of the swap file (Win386.swp) Swap files (UNIX swap partition) can be placed on a compressed drive/volume. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 3 Physical memory A single program instruction on an Intel 386 or later CPU can address up to 4GB of physical memory, using its full 32 bits. 2 32 = 4294967296 = 4G This is normally far more than the total installed system board physical memory (RAM+ROM) of the machine, (Not always). Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 4 2

Exercise 1: Windows msinfo32 utility Run standard Windows msinfo32.exe utility System board memory is scattered all over the real memory map Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 5 Question 1 Inspect the general screen on your system and determine the following parameters: Total physical memory? Available physical memory? What is the size of total real memory map? Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 6 3

Question 2 Inspect the general screen on your system and determine the following parameters: Total virtual memory? Available virtual memory? Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 7 Virtual and physical memory Virtual memory is a hardware-software computer sybsystem that enables programs to run in a memory address space whose size and addressing are not necessarily tied to the physical memory. When the total size and addressing of the process exceeds the available physical memory, the CPU will swap data to the hard drive and back. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 8 4

Question 3 Inspect the general report screen of msinfo32 utility shown below and answer the following questions: Is total physical memory larger here than total virtual memory parameter? Does it sound like a paradox? Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 9 Question 4 Inspect the general screen on your system and determine the following parameters: Total swap page file space size? Name and location of the swap page file? Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 10 5

Windows swap page file Only those parts of the program and data that are currently in active use need to stay loaded in physical memory. Other program parts not immediately needed are held in a: swap file (as it s called in Windows 95/98/ME: Win386.swp), or page file (in Windows NT versions including Windows 2000 and XP: pagefile.sys). Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 11 Swap storage space If there is pressure on space in physical memory, then parts of code and data that are not currently needed can be temporarily paged out in order to make room. The page file can be seen as an overflow area to make the RAM behave as if it were larger than it is. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 12 6

Exercise 2: Swap file The XP page file is a hidden file pagefile.sys. It is regenerated at each boot. Show the screen shot of your system page file? Folder Options View set to Show Hidden and System files, and not to Hide Protected mode System files. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 13 Question 5 Attack that would start endless count of concurrent programs with large data segments could inflate swap space and consume free storage space. Does such attack appear as denila of service attack or DOS? What services would be denied with such an attack? Windows pagefile.sys growth is limited. What is the maximal swap page files size allowed in your system? Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 14 7

Page fault interrupt When a program tries to access some address that is not currently in physical memory, it generates an interrupt, called a Page Fault. Page fault requests from VM subsystem to retrieve the 4 KB page containing the faulty address: from the swap page file, or possibly from the original program file This valid page fault normally happens quite transparently, (From the user s point of view invisibly.) Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 15 Program code and data At run time, one program s code and data may be distributed and located: In physical memory loaded as CS and DS, On the swap storage space, (Most likely parts of DS), and On the original file system storage space, (Most likely CS unloaded parts). Only one portion is loaded in physical memory. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 16 8

Program virtually loaded VM creates an illusion of having entire program loaded and available to CPU: Program is virtually loaded, or Program is loaded into virtual memory. Program executes in virtual memory. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 17 Question 3 paradox Consider N programs virtually loaded using physical memory for N code and data segments CS i, DS i, i=1,2,3,..., N The global capacity of virtual memory space is much larger than the parameter Total Virtual Memory, (2GB). Total Virtual Memory is available just to one program out of N concurrently virtually loaded and executing. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 18 9

Virtual memory capacity Virtual memory global capacity is limited by the number N of programs that can be concurrently executing. It is equal to the summation of Physical memory available for execution of N programs CS i, DS i, i=1,2,3,..., N Swap space size, and Size of all running program file-portions that have not been yet physically loaded. Virtual memory global capacity may easily be tens of GB in size. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 19 Exercise 3: VM problems & tuning Sometimes system either has too many programs running at once, (too many concurrent processes) System just does not have enough of free physical memory. Swap space is full and no more programs can be loaded. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 20 10

Question 6 What is the reason of the following Windows message: Windows - Virtual Memory Minimum Too Low! Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 21 Adjusting-tuning VM parameters Start sysdm.cpl utility. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 22 11

Adjusting-Tuning VM parameters Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 23 Swap space modification Modify maximal VM size from 4092MB to 8GB. Paging file represents VM supporting storage swap space. If physical memory cannot be added, swap space limit can be increased. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 24 12

Swap space modification Recommended page file initial size is 1.5 times the size of the physical memory (RAM) installed. The maximum size is 3 times physical memory. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 25 Performance hint To keep page file from resizing, fragmenting and eventually slowing its access down you have to specify the same amount for both initial and maximal values. You'll have to reboot in order for the changes to take place. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 26 13

Removing swap paging file To delete a paging file, set both initial size and maximum size to zero, or click No paging file. Microsoft recommends that you do not disable or delete the paging file. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 27 Question 7 Can swap page file be placed on any drive C:, D: or E:? Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 28 14

Non-Paged Area Non-Paged area parts of the Windows XP OS code and data which are so important that they must be always memory resident, may never be paged out. Mainly contains core code of the system, which is not likely to contain serious faults. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 29 Non-Paged Area In case of serious OS attack and kernel damage a blue screen referring to PAGE FAULT IN NON- PAGED AREA probably indicates a serious problem. If such faults arise when you have recently installed or updated something, try uninstalling it. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 30 15

Windows STOP message STOP Messages literally mean Windows OS has crashed, (has stopped!) 0x00000050: PAGE_FAULT_IN_NONPAGED_AREA STOP messages are identified by an 8-digit hexadecimal number, but also commonly written in a shorthand notation; e.g., a STOP 0x0000000A may also be written STOP 0xA. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 31 Windows VM working set Working set size W of a program translates into a number of memory pages (4kB/page) ofthe application process is being kept loaded and resident in real memory. W 100% When entire program image is resident in physical memory, all pages are loaded, working set is W=100%. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 32 16

: Inspecting program s memory When trying to investigate problematic behavior of a running program, inspecting memory behavior may be a good idea. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 33 Windows memory usage To monitor memory usage in Windows servers, use the "Mem Usage" statistic in the Task Manager. This statistic measures the working set size. "Mem Usage" is NOT a measure of overall memory usage, (only per program usage). Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 34 17

VM program size If overall memory usage needs to be checked periodically, use the "VM Size" column in the Task Manager. To view the "VM Size" column, make sure "Processes" is selected. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 35 Task manager Click on the "View" menu and choose "Select Columns". A dialog box will appear in which "VM Size" will be an option. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 36 18

VM size and page usage history Check your system Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 37 Exercise 5: Using system monitor Inspect how much page file (PF) does your system use? You should first find out how much memory you're using, and how much of it is on your disk. One accurate way is by monitoring the %Usage Peak counter in the System Monitor tool (The peak usage of the page file instance in percent): Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 38 19

Monitoring page file usage Open Performance console from the Administrative Tools. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 39 Monitoring page file usage Add new counter Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 40 20

Monitoring page file usage Browse list of performance system objects and select Paging File Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 41 Question 8: Monitoring page file usage What system parameters are aemonitored toednow? Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 42 21

Question 9 What is your PF usage peak [%]? Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 43 Question 10 Search the Web and find out why Windows XP x32 cannot use and report more than 3.5GB of physical memory. Try: http://www.geek.com/articles/chips/windows-xpmaximum-memory-2001102/ Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 44 22

Question 11 Problem: My Task Manager shows I have 2.99 GB of physical memory when I just installed 2 2GB sticks in my notebook. How can I get it back? Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 45 OS Memory Addressing Limits Windows programs are stuck with a 2 GB per program virtual memory limit due to the way OS handles virtual memory. The 2 GB limit is not a physical processor limit, but rather an implementation-in-windows limit Windows XP x64 Professional does not have that limit. It supports 128 GB of RAM and 16 terabytes t of virtual memory address space, as compared to theoretical 4 GB of both physical RAM and virtual memory address space for 32- bit Windows XP Professional." Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 46 23

Exercise 6: Logging PF usage Download custom PF usage logger utility: http://billsway.com/notes_public/winxp_tweaks/ Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 47 WinXP page file monitor utility Save and un-archive the utility Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 48 24

Page file settings Read the text file and test each program. Get your page file settings Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 49 Utility desktop helpers Install two desktop helpers. Test both programs Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 50 25

Question 12 a) What is your exact PF size? a) What is your exact peak PF usage? Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 51 Page file log data inspection View the PF data log. Repeat the previous and this slide activity. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 52 26

Homework Describe purpose and function of standard and government bodies: The National Information Assurance Partnership (NIAP) is a U.S. Government initiative National Institute of Standards and Technology (NIST) and National Security Agency (NSA). Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 53 Homework Download tool: http://www.grc.com/securable.htm Verify if your hardware platform supports hardware/full virtualization? Present the tool printout. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 54 27

Homework Export tool print out to internal buffer, than paste it in NOTEPAD.EXE and copy to your homework. Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 55 The End Dr. R. A. Mihajlovic, 2012 CSCI-620 Operating Systems Security 56 28

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback