Traps and Faults. Review: Mode and Space

Similar documents
Memory Protection. Machines and Virtualization. Architectural Foundations of OS Kernels. Memory and the CPU. Introduction to Virtual Addressing

Machines and Virtualization. Systems and Networks Jeff Chase Spring 2006

CSE 120 Principles of Operating Systems

CSE 120 Principles of Operating Systems

Lecture 2: Architectural Support for OSes

CSE 153 Design of Operating Systems Fall 18

Process Scheduling Queues

CSE 153 Design of Operating Systems

Operating Systems ECE344

The Kernel Abstraction

CS 550 Operating Systems Spring Interrupt

Windows Interrupts

Hardware OS & OS- Application interface

Lecture 4: Mechanism of process execution. Mythili Vutukuru IIT Bombay

Computer architecture. A simplified model

Lecture 2: September 9

Operating Systems. Operating System Structure. Lecture 2 Michael O Boyle

The Kernel Abstraction. Chapter 2 OSPP Part I

CS 550 Operating Systems Spring System Call

Lec 22: Interrupts. Kavita Bala CS 3410, Fall 2008 Computer Science Cornell University. Announcements

CS 537 Lecture 2 Computer Architecture and Operating Systems. OS Tasks

Architectural Support for Operating Systems

CS 104 Computer Organization and Design

W4118: interrupt and system call. Junfeng Yang

CS 201. Exceptions and Processes. Gerson Robboy Portland State University

Processes Prof. James L. Frankel Harvard University. Version of 6:16 PM 10-Feb-2017 Copyright 2017, 2015 James L. Frankel. All rights reserved.

Processes. Johan Montelius KTH

9/19/18. COS 318: Operating Systems. Overview. Important Times. Hardware of A Typical Computer. Today CPU. I/O bus. Network

A process. the stack

CSC369 Lecture 2. Larry Zhang

CSC369 Lecture 2. Larry Zhang, September 21, 2015

EE458 - Embedded Systems Exceptions and Interrupts

Anne Bracy CS 3410 Computer Science Cornell University

ECE 650 Systems Programming & Engineering. Spring 2018

COS 318: Operating Systems

Protection. OS central role. Fundamental to other OS goals. OS kernel. isolation of misbehaving applications. Relaibility Security Privacy fairness

Project #1 Exceptions and Simple System Calls

Syscalls, exceptions, and interrupts, oh my!

Interrupts & System Calls

Inf2C - Computer Systems Lecture 16 Exceptions and Processor Management

The Kernel Abstrac/on

CS 153 Design of Operating Systems

CS 5460/6460 Operating Systems

Mechanisms for entering the system

The control of I/O devices is a major concern for OS designers

Last 2 Classes: Introduction to Operating Systems & C++ tutorial. Today: OS and Computer Architecture

Traps, Exceptions, System Calls, & Privileged Mode

The Kernel. wants to be your friend

COS 318: Operating Systems

Computer System Architecture. CMPT 300 Operating Systems I. Summer Segment 3: Computer System Architecture. Melissa O Neill

3.1 Introduction. Computers perform operations concurrently

an infinite loop Processes and Exceptions doing nothing on a busy system timing nothing

for Operating Systems Computer Systems Laboratory Sungkyunkwan University

The OS and Multitasking: An Example

Process Concepts. CSC400 - Operating Systems. 3. Process Concepts. J. Sumey

Why use an Operating System? Operating System Definition

Introduction to the Process David E. Culler CS162 Operating Systems and Systems Programming Lecture 2 Sept 3, 2014

Hakim Weatherspoon CS 3410 Computer Science Cornell University

Lecture 2 Fundamental OS Concepts. Bo 2018, Spring

Interrupts and System Calls

Architectural Support for OS

Operating Systems. Introduction & Overview. Outline for today s lecture. Administrivia. ITS 225: Operating Systems. Lecture 1

CS510 Operating System Foundations. Jonathan Walpole

Common Computer-System and OS Structures

Processes and Non-Preemptive Scheduling. Otto J. Anshus

SYSTEM CALL IMPLEMENTATION. CS124 Operating Systems Fall , Lecture 14

Architectural Support for Operating Systems. Jin-Soo Kim Computer Systems Laboratory Sungkyunkwan University

Anne Bracy CS 3410 Computer Science Cornell University

CSCE Introduction to Computer Systems Spring 2019

Shell Execution of Programs. Process Groups, Session and Signals 1

EECS 482 Introduction to Operating Systems

Protection and System Calls. Otto J. Anshus

CPS221 Lecture: Operating System Protection

Part I Introduction Hardware and OS Review

操作系统概念 13. I/O Systems

Today s Topics. u Thread implementation. l Non-preemptive versus preemptive threads. l Kernel vs. user threads

Operating Systems CMPSCI 377 Spring Mark Corner University of Massachusetts Amherst

Background: Operating Systems

Processes and Threads. Processes and Threads. Processes (2) Processes (1)

Chapter 4 Multithreaded Programming

EE 109 Unit 17 - Exceptions

Introduction to Kernel Programming. Luca Abeni

CS 33. Architecture and the OS. CS33 Intro to Computer Systems XIX 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Systems Programming and Computer Architecture ( ) Timothy Roscoe

KERNEL THREAD IMPLEMENTATION DETAILS. CS124 Operating Systems Winter , Lecture 9

Threads. Still Chapter 2 (Based on Silberchatz s text and Nachos Roadmap.) 3/9/2003 B.Ramamurthy 1

Che-Wei Chang Department of Computer Science and Information Engineering, Chang Gung University

System Calls & Signals. CS449 Spring 2016

Processes. Sanzheng Qiao. December, Department of Computing and Software

OS: An Overview. ICS332 Operating Systems

Address spaces and memory management

CSE380 - Operating Systems. Communicating with Devices

Processes and Threads Implementation

TCSS 422: OPERATING SYSTEMS

Page 1, 5/4/99 8:22 PM

Pebbles Kernel Specification September 26, 2004

Operating System Architecture. CS3026 Operating Systems Lecture 03

CS 355 Operating Systems. Keeping Track of Processes. When are processes created? Process States 1/26/18. Processes, Unix Processes and System Calls

Roadmap. Tevfik Ko!ar. CSC Operating Systems Fall Lecture - III Processes. Louisiana State University. Processes. September 1 st, 2009

Architectural Support for Operating Systems. Jinkyu Jeong ( Computer Systems Laboratory Sungkyunkwan University

Transcription:

Traps and Faults Review: Mode and Space A B C user mode data data kernel mode kernel space 1

Review: the Role of Events ACPUevent is an unnatural change in control flow. Like a procedure call, an event changes the PC. Also changes mode or context (current stack), or both. Events do not change the current space! The kernel defines a handler routine for each event type. Event handlers always execute in kernel mode. The specific types of events are defined by the machine. Once the system is booted, every entry to the kernel occurs as a result of an event. In some sense, the whole kernel is a big event handler. Categorizing Events An interrupt is caused by an external event. device requests attention, timer expires, etc. An exception is caused by an executing instruction. CPU requires software intervention to handle a fault or trap. unplanned deliberate sync fault syscall trap async interrupt AST AST: Asynchronous System Trap Also called a software interrupt or an Asynchronous or Deferred Procedure Call (APC or DPC) control flow Note: different cultures may use some of these terms (e.g., trap, fault, exception, event, interrupt) slightly differently. exception.cc event handler (e.g., ISR: Interrupt Service Routine) 2

System Call Traps User code invokes kernel services by initiating system call traps. Programs in C, C++, etc. invoke system calls by linking to a standard library of procedures written in assembly language. the library defines a stub or wrapper routine for each syscall stub executes a special trap instruction (e.g., chmk or callsys) syscall arguments/results passed in registers or user stack Alpha CPU architecture read() in Unix libc.a library (executes in user mode): #define SYSCALL_READ 27 # code for a read system call move arg0 argn, a0 an # syscall args in registers A0..AN move SYSCALL_READ, v0 # syscall dispatch code in V0 callsys # kernel trap move r1, _errno # errno = return status return Bullet-Proofing the Kernel System calls must be safe to protect the kernel from buggy or malicious user programs. 1. System calls enter the kernel at a well-known safe point. Enter at the kernel trap handler; control transfers to the middle of the kernel are not permitted. 2. The kernel validates all system call arguments before use. Kernel may reject a request if it is meaningless or if the user process has inadequate privilege for the requested operation. 3. All memory used by the system call handler is in kernel space, so it is protected from interference by user code. What stack does the system call execute on? 3

Kernel Stacks and System Call Handling Processes execute user code on a user stack in the user portion of the process virtual address space. data stack stack System calls runinkernel mode on the process kernel stack. Each process has a second kernel stack in kernel space (the kernel portion of the address space). stack syscall dispatch table stack System calls run in the process space, so copyin and copyout can access user memory. The syscall trap handler makes an indirect call through the system call dispatch table to the handler for the specific system call. Example: Mechanics of an Alpha Syscall Trap 1. Machine saves return address and switches to kernel stack. save user SP, global pointer(gp), PC on kernel stack set kernel mode andtransfertoasyscalltraphandler(entsys) 2. Trap handler saves software state, and dispatches. save some/all registers/arguments on process kernel stack vector to syscall routine through sysent[v0: dispatchcode] 3. Trap handler returns to user mode. when syscall routine returns, restore user register state execute privileged return-from-syscall instruction (retsys) machine restores SP, GP, PC and sets user mode emerges at user instruction following the callsys 4

Safe Handling of Syscall Args/Results 1. Decode and validate by-value arguments. Process (stub) leaves arguments in registers or on the stack. 2. Validate by-reference (pointer) IN arguments. Validate user pointers and copy data into kernel memory with a special safe copy routine, e.g., copyin(). 3. Validate by-reference (pointer) OUT arguments. Copy OUT results into user memory with special safe copy routine, e.g., copyout(). 4. Set up registers with return value(s); return to user space. Stub may check to see if syscall failed, possibly raising a user program exception or storing the result in a variable. Questions About System Call Handling 1. Why do we need special copyin and copyout routines? validate user addresses before using them 2. What would happen if the kernel did not save all registers? 3. Where should per-process kernel global variables reside? syscall arguments (consider size) and error code 4. What if the kernel executes a callsys instruction? What if user code executes a retsys instruction? 5. How to pass references to kernel objects as arguments or results to/from system calls? pointers? No: use integer object handles or descriptors (also sometimes called capabilities). 5

Kernel Object Handles Instances of kernel abstractions may be viewed as objects named by protected handles held by processes. Handles are obtained by create/open calls, subject to security policies that grant specific rights for each handle. Any process with a handle for an object may operate on the object using operations (system calls). Specific operations are defined by the object s type. The handle is an integer index to a kernel table. Microsoft NT object handles Unix file descriptors Nachos FileID and SpaceID user space object handles kernel file port etc. Faults Faults are similar to system calls in some respects: Faults occur as a result of a process executing an instruction. Fault handlers execute on the process kernel stack; the fault handler may block (sleep) in the kernel. The completed fault handler may return to the faulted context. But faults are different from syscall traps in other respects: Syscalls are deliberate, but faults are accidents. divide-by-zero, dereference invalid pointer, memory page fault Not every execution of the faulting instruction results in a fault. may depend on memory state or register contents 6

Options for Handling a Fault (1) 1. Some faults are handled by patching things up and returning to the faulted context. Example: the kernel may resolve an address fault (virtual memory fault) by installing a new virtual-physical translation. The fault handler may adjust the saved PC to re-execute the faulting instruction after returning from the fault. 2. Some faults are handled by notifying the process that the fault occurred, so it may recover in its own way. Fault handler munges the saved user context (PC, SP) to transfer control to a registered user-mode handler on return from the fault. Example: Unix signals or Microsoft NT user-mode Asynchronous Procedure Calls (APCs). Example: Unix Signals Unix systems can notify a user program of a fault with a signal. The system defines a fixed set of signal types (e.g., SIGSEGV, SIGBUS, etc.). A user program may choose to catch some signal types, using a syscall to specify a (user mode) signal handler procedure. system passes interrupted context to handler handler may munge and/or return to interrupted context Signals are also used for other forms of asynchronous event notifications. E.g., a process may request a SIGALARM after some interval has passed, or signal another process using the kill syscall or command. 7

Options for Handling a Fault (2) 3. The kernel may handle unrecoverable faults by killing the user process. Program fault with no registered user-mode handler? Destroy the process, release its resources, maybe write the memory image to a file, and find another ready process/thread to run. In Unix this is the default action for many signals (e.g., SEGV). 4. How to handle faults generated by the kernel itself? Kernel follows a bogus pointer? Divides by zero? Executes an instruction that is undefined or reserved to user mode? These are generally fatal operating system errors resulting in a system crash, e.g., panic()! Thought Questions About Faults 1. How do you suppose ASSERT and panic are implemented? 2. Unix systems allow you to run a program under a debugger. How do you suppose that works? If the program crashes, the debugger regains control and allows you to examine/modify its memory and register values! 3. Some operating systems allow remote debugging. A remote machine may examine/modify a crashed system over the network. How? 4. How can a user-mode fault handler recover from a fault? How does it return to the faulted context? 5. How can a debugger restart a program that has stopped, e.g., due to a fault? How are breakpoints implemented? 6. What stack do signal handlers run on? 8

Architectural Foundations of OS Kernels One or more privileged execution modes (e.g., kernel mode) protected device control registers privileged instructions to control basic machine functions Systemcalltrap instruction and protected fault handling User processes safely enter the kernel to access shared OS services. Virtual memory mapping OS controls virtual-physical translations for each address space. Device interrupts to notify the kernel of I/O completion etc. Includes timer hardware and clock interrupts to periodically return control to the kernel as user code executes. Atomic instructions for coordination on multiprocessors A Few More Points about Events The machine may actually be implemented by a combination of hardware and special pre-installed software (firmware). PAL (Privileged Architecture Library) on Alpha hides hardware details from even the OS kernel some instructions are really short PAL routines some special machine registers are really in PAL scratch memory, not CPU registers Events illustrate hardware/software tradeoffs: how much of the context should be saved on an event or switch, and by whom (hardware, PAL, or OS) goal: simple hardware and good performance in common cases 9

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback