Lecture 2 (January 19, 2000)

Reading

Read Chapters 1-3, 4-5

The  interrupt vector table maps interrupts to the service routines that handle them. This table has one entry for each interrupt. Each entry contains the address of the handler. The interrupt number is used to index into the table. The address in this entry is dereferenced to execute the corresponding handler.

In a few machines the address of the interrupt vector table is fixed at 0. In most machines, it is stored in a register.

Direct Memory Access (DMA)

Direct memory access is an I/O mode that allows data to be transferred directly from an I/O device to a system's memory and vice-versa, with very little intervention from the system's main processor. Instead DMA capable devices rely on processors embedded within the devices themselves.

After intialization by the main processor, these devices take control of the bus and transfer the data directly into or out of the systems's memory. This leaves the main processor free to perform non-I/O related activity.

There is a trade-off, since the DMA-based device is in effect stealing the bus from the CPU. The CPU can not perform memory operations while the DMA transfer is occuring. Fortunately, most of what the CPU needs is stored internally within registers and caches, so DMA is usually a performance win.

Examples of DMA operations might include writing a 512 byte block to disk or a 1500 byte network packet. The device only needs to know the buffer address and the buffer length.

Often the devices have thier own buffers. But there is some electronics required to interface with the devices. In the PC architecture, this is handled by a separate chip on the motherboard.
 

Handling Protection

Protection involves many things including the following:

• Preventing users from slamming each other
• Protecting the privacy of user data, like passwords
• Protection of the Resident Manager from users
• The resident manager must determine who can use a resource and when. Let's consider an important resource, the CPU:
• If one process can capture the CPU, the OS has lost control.
• The OS must have some ability to stay in control

For now, we'll present a simple model for memeory protection. We'll present a more sophisticated model later, but this one is sufficient for aral OS to function

The goal is to make sure that, for example, process 2 can't go outside of the 4K-6K region.

This requires hardware support -- we can't do it in software alone.

The simplest model is for us to add to registers: BASE and LIMIT. This is the simplest model, most computers are more complex.

In order to keep process 2 within it's 2K box, we can do one of two things:

Option #1:

1. Set BASE = 4K
2. Set LIMIT=2K
3. A memory access is legal, iff BASE < X < BASE + LIMIT, where X is the actual memory address

Option #2:

1. Set BASE =  4K
2. LIMIT = 2K
3. A memory access is legal, iff 0 <= X < LIMIT, where X is the actual memory address = BASE + X

Under the first scheme, the process must know the address range where it is running. Consider the difficulty for a language like C with pointers, char *

Not yet, we just have protection against accidents. malicious users cna just change the values of the BASE and LIMIT registers and then trample all over memory. To obtain true protection, we need more hardware support.

To the best of our knowledge, this scheme doesn't have an official name. But your book calls it dual-mode operation, and this seems good enough to us.

Processors that support dual mode operation have two different modes:

• User mode
• Kernel/Supervisor/Monitor/System Mode, and system state (many names for the same thing)

For the moment, let's assume that we can get into and out of kernel mode at appropriate times. What instructions should be reserved for this mode? We'll call these privleged instructions.

• Changing the BASe and LIMIT registers (and other memory protection state built into hardware)
• Disabling and enabling interrupts
• Changing bits in the PSR
• Changing the interrupt vector's base address
• (We don't need to protect the table itself, because we can do this by placing it in the kernel's memory area and protecting the entire area)
• Performing any I/O
• We could tell DMA to overwrite the interrupt vector table
• To prevent this, we protect the DMA address and the kernel verifies all DMA requests.
• By-pass file system protections
• Halt instruction
• Return from interrupt, trap, or exception
• If we don't do this, there is a backdoor way of changing the PSR (push and invoke)

There are three typical means of entering kernel mode. But they are all closely related:

Interupt: An interrupt can be used to switch into kernel mode, since both the table and the PSR are protected.

Exception: Instead of directly entering kernel mode via an interrupt, an alternative is to execute a privleged instruction This will generate a hardware exception. Typically, the kernel kills off the offending process: divide by 0, illegal memory address, &c. But the kernel knows what caused the execption and is free to implement its own policy. The exception handler can enforce this policy and allow the switch into protected mode.

Trap: A trap is a special kind of privleged instruction often called a "kernel call." Many machines actually only have one trap instruction. In these systems the paramters define the meaning of the trap.

Previously we gave you a simplified view of the interrupt vector table. It is really an interrupt, exception, and trap table. It contains entries for all three. Each interrupt, vector, or trap has a unique index into the table.
Student Question: Can you give an example of when a trap would be called? Is it the responsibilty of the interrupt handler to return to user mode?

Answer: Sure. Here's an example. And it is the responsiblility for the trap to return to user mode on return form the trap.
 

main()
{
  int fd;
  fd = open ("fdo", 2);
  write (fd, &buffer, len);
  close (fd);
  exit(0);
}

Each of the above lines (except the fd declaration) results in a kernel call. Each generates a trap to get into the kernel.

For example, the library code for open might do the following:

PUSH foo and 2 onto the stack
TRAP #3
...
subroutine-like return

The #3 is the parameter that tells the trap that the function is open. This code is implemented in the library instead of the program, because C doesn't have a trap instruction.  The library is a tool for us to get this small amount of assembly into our programs.

In many ways, TRAP operates like a subroutine call. It saves state for return, including the PC, PSR, and other registers.

Student Question: Interrupt vs Trap. How strict are the names?

Answer: They are frequently misused. For example, the "Interrupt table" is really the "Interrupt, trap, and vector table." The names used are those used in assembly. These names are written by a software person, These writers aen't generally strict. For example, it really should be an interrupt, not a trap to enter kernel mode:

Interrupt: Asynchronous to the CPU
Exception: Something out of the ordinary
Trap: Invoked explicitly to cause a particular behavior

Answer: The hardware must save some things like the PC, the kernel vs. user mode bit, &c. More might be saved in software or in hardware depending on the OS. Saving any state information in software can be grueling (Watch Prof. Johnson do acrobatics in front of the classroom as he explains what it is like to try to move somewhere with nothing on which to stand.)

A Special I/O Device: The Timer Interrupt

The timer generates periodic interrupts at regular intervals -- "just like clockwork" (pardon a favorite pun). On most current machines it occurs every 10 ms or 100 times per second.

Why would we want this?
 

1. It allows the OS to regain control of the CPU from the running process at periodic intervals. 
   
   An example of a system that does not make effective use of this is an MS-DOS in Windows. Try hitting CTRL-C. The OS won't return until the program yields to the OS.
1. Time something
• time fo day
• sleep for x seconds
• process accounting

Answer: 10mS is a very long time in CPU time

Student Question: Are there any systems that have multiple clocks?

Answer: Many hardware engineers build multiple clocks into systems thinking that software people want it that way. Timer chips often have multiple clocks. But the OS typically uses only one of them. It is much simpler to generate interrupts at constant intervals and then time everything off of those in software.

Processes (Chapter 4)

What is a process? We've already started using these terms, so most of you have some idea about processes and programs.

One defintion is that a process is a program in execution.

A running program needs more than a file on disk, including hardware state:

• Memory (the biggest collection of hardware state)
• PC (the most important piece of hardware state)
• The hardware register that addresses the next instruction. Normally it is sequential, but can go backwards on a loop, or skip ahead on jumps.
• Other registers
• SP
• General purpose registers
• Base and limit registers
• PSR
• &c

text, bss, data, heap, and stack are the UNIX terms for these parts of a process context. The nomenclature may vary in other operating systems, but is largely consistent.
 

• The text area holds the program code.
• The data area holds global and static variables that must be stored in the executible, since they are initialized.
• The bss area holds variables that are unitialized in the sense that their need not be persistently stored on disk -- they can be plugged in later.
• Know one knows for sure why the bss area is called "bss". The original authors claim to have forgotten. One old assembler had a BSS instruction that stood for "Block Memory Starting with Symbol" For example, ABC    BSS   20 described a block of memory starting with the symbol ABC. This seems consistent with the use of bss in UNIX.

Student Question: What happens if the stack and the heap overlap?
Answer: If you are luck, a very fast and bloody death. If you are unluck the process suffers for a long time producing wrong results.