l

O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

Advanced Operating Systems(BCST- 801)

Department of CSE
Faculty Name: Dr. Kavitha Kadarla

Subject: Advanced Operating B.Tech (CSE)

Systems
Semester- 8th
Subject Code: BCST-801

SYLLABUS
UNIT I: Overview of UNIX system calls. The anatomy of a system call and x86
mechanisms for system call implementation. How the MMU/memory translation,
segmentation, and hardware traps interact to create kernel–user context separation.
What makes virtualization work? The kernel execution and programming context.
Live debugging and tracing. Hardware and software support for debugging.

CO 1: Understand fundamentals of UNIX system calls and x86 mechanisms and

abstractions such as MMU/memory translation, segmentation, and hardware traps etc.

1
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

Lecture- 1
UNIT I

Introduction to Advanced Operating Systems

Overview of UNIX system calls

UNIX system calls are used to manage the file system, control processes,and to provide
interprocess communication. The UNIX system interface consists of about 80 system
calls (as UNIX evolves this number will increase). The following table lists about 40 of
the more important system call:

GENERAL CLASS SPECIFIC CLASS SYSTEM

CALL
File Structure Creating a Channel creat()
Related Calls open()

close()

Input/Output read()

write()

Random Access lseek()

Channel Duplication dup()

Aliasing and Removing link()

Files unlink()

File Status stat()

fstat()

Access Control access()

chmod()

chown()

umask()

2
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

Device Control ioctl()

Process Related Process Creation and exec()

Calls Termination fork()
wait()

exit()

Process Owner and Group getuid()

getuid()

getgid()

getegid()

Process Identity getpid()

getppid()

Process Control signal()

kill()

alarm()

Change Working Directory chdir()

Interprocess Pipelines pipe()

Communication Messages msgget()

msgsnd()

msgrcv()

msgctl()

Semaphores semget()
semop()

Shared Memory shmget()

shmat()

shmdt()

3
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

[NOTE: The system call interface is that aspect of UNIX that has changed the most
since the inception of the UNIX system. Therefore, at the time of writing a software
tool, one should protect that tool by putting system calls in other subroutines within
the program and then calling only those subroutines. Should the next version of the
UNIX system change the syntax and semantics of the system calls now used, needs
only to change the interface routines.]

4
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

Lecture- 2

The anatomy of a System call and x86 mechanisms for system call
implementation.

Anatomy of a System call

NaCl syscalls are the interface between untrusted code and the trusted codebase.
They are the means by which a NaCl process can execute code outside the inner
sandbox. This is kind of a big deal, because the entire point of NaCl is to prevent
untrusted code from getting out of the inner sandbox. Accordingly, the design and
implementation of the syscall interface is a crucial part of the NaCl system.
This figure shows the flow of control:

The purpose of a syscall is to transfer control from an untrusted execution context to a

trusted one, so that the thread can execute trusted code. The details of this
implementation vary from platform to platform, but the general flow is same.
The syscall starts as a call from untrusted code to a trampoline, which is a tiny bit of
code (less than one NaCl bundle) that resides at the bottom of the untrusted address
space. Each syscall has its own trampoline, but all trampolines are identical--in fact,
they're all generated by the loader from a simple template.

5
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

The trampoline does at most two things:

1. Exits the hardware sandbox (on non-SFI implementations) by restoring the original
system value of
%ds.
2. Calls the untrusted-to-trusted context switch function (NaCl Syscall Seg)
The many ways of implementing user-to-kernel transitions on x86, i.e. system calls.
Let’s first quickly
review what system calls actually need to accomplish.

System call implementation

In modern operating systems there is a distinction between user mode (executing

normal application code) and kernel mode1 (being able to touch system configuration
and devices). System calls are the way for applications to request services from the
operating system kernel and bridge the gap. To facilitate that, the CPU needs to
provide a mechanism for applications to securely transition from user to kernel mode.

Secure in this context means that the application cannot just jump to arbitrary kernel
code, because that would effectively allow the application to do what it wants on the
system. The kernel must be able to configure defined entry points and the system call
mechanism of the processor must enforce these.
After the system call is handled, the operating system also needs to know where to
return to in the application, so the system call mechanism also has to provide this
information.

Now, let us with four mechanisms that match this description that work for 64-bit
environments.
save the weirder ones that only work on 32-bit for another post. So we have:

1. Software Interrupts using the int

2. Call Gates
3. Fast system calls using sysenter sys
exit
4. Fast system calls using syscall / sy
sr
et
instruction Software interrupts are the oldest mechanism. The key idea is to use the
same method to enter the kernel as hardware interrupts do. In essence, it is still the
mechanism that was introduced with Protected Mode in 1982 on the 286, but even the
earlier CPUs already had cruder versions of this.

6
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

Because interrupt vector 0x80 can still be used to invoke system calls2 on 64-bit Linux,
we are going to stick with this example:

The processor finds the kernel entry address by taking the interrupt vector number from
the int instruction and looking up the corresponding descriptor in the Interrupt
Descriptor Table (IDT). This descriptor will be an Interrupt or Trap Gate3 to kernel
mode and it contains the pointer to the handling function in the kernel.

7
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

Lecture- 3

The MMU/memory translation

The Memory Management Unit (MMU) performs translations. The MMU contains
the following:
The table walk unit, which contains logic that reads the translation tables from memory.
Translation Lookaside Buffers (TLBs), which cache recently used translations.
All memory addresses that are issued by software are virtual. These memory addresses
are passed to the MMU, which checks the TLBs for a recently used cached translation.
If the MMU does not find a recently cached translation, the table walk unit reads the
appropriate table entry, or entries, from memory, as shown here:

A virtual address must be translated to a physical address before a memory access can
take place (because we must know which physical memory location we are accessing).
This need for translation also applies to cached data, because on Armv6 and later
processors, the data caches store data using the physical address (addresses that are
physically tagged). Therefore, the address must be translated before a cache lookup can
complete.
Note: Architecture is a behavioural specification. The caches must behave as if they are
physically tagged. An implementation might do something different, as long as this is
not software-visible.

Table entry

8
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

The translation tables work by dividing the virtual address space into equal-sized
blocks and by providing one entry in the table per block.

Entry 0 in the table provides the mapping for block 0, entry 1 provides the mapping
for block 1, and so on. Each entry contains the address of a corresponding block of
physical memory and the attributes to use when accessing the physical address.

Table lookup

A table lookup occurs when a translation takes place. When a translation happens,
the virtual address that is issued by the software is split in two, as shown in this
diagram:

This diagram shows a single-level lookup.

9
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

The upper-order bits, which are labelled 'Which entry' in the diagram, tell you which
block entry to look in and they are used as an index into the table. This entry block
contains the physical address for the virtual address.
The lower-order bits, which are labelled 'Offset in block' in the diagram, are an offset
within that block and are not changed by the translation.

Multilevel translation
In a single-level lookup, the virtual address space is split into equal-sized blocks. In
practice, a hierarchy of tables is used.
The first table (Level 1 table) divides the virtual address space into large blocks. Each
entry in this table can point to an equal-sized block of physical memory or it can point
to another table which subdivides the block into smaller blocks. We call this type of
table a 'multilevel table'.

Here we can see an example of a multilevel table that has three levels:

10
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

In Armv8-A, the maximum number of levels is four, and the levels are numbered 0 to
3. This multilevel approach allows both larger blocks and smaller blocks to be
described. The characteristics of large and small blocks are as follows:
Large blocks require fewer levels of reads to translate than small blocks. Plus, large
blocks are more efficient to cache in the TLBs.
Small blocks give software fine-grain control over memory allocation. However, small
blocks are less efficient to cache in the TLBs. Caching is less efficient because small
blocks require multiple reads through the levels to translate.
To manage this trade-off, an OS must balance the efficiency of using large mappings
against the flexibility of using smaller mappings for optimum performance.

Note: The processor does not know the size of the translation when it starts the table
lookup. The processor works out the size of the block that is being translated by
performing the table walk.

Lecture- 4
Segmentation

11
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

In Operating Systems, Segmentation is a memory management technique in which the

memory is divided into the variable size parts. Each part is known as a segment which
can be allocated to a process.

The details about each segment are stored in a table called a segment table. Segment
table is stored in one (or many) of the segments.

Segment table contains mainly two information about segment:

1. Base: It is the base address of the segment

2. Limit: It is the length of the segment.

Why is Segmentation required?

Till now, we were using Paging as our main memory management technique. Paging is
closer to the Operating system rather than the User. It divides all the processes into the
form of pages regardless of the fact that a process can have some relative parts of
functions which need to be loaded in the same page.

The operating system doesn't care about the User's view of the process. It may divide
the same function into different pages and those pages may or may not be loaded at the
same time into the memory. It decreases the efficiency of the system.

It is better to have segmentation which divides the process into segments. Each segment
contains the same type of functions such as the main function can be included in one
segment and the library functions can be included in the other segment.

Translation of Logical address into physical address by segment table

12
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

CPU generates a logical address which contains two parts:

1. Segment Number
2. Offset

For Example:

Suppose a 16 bit address is used with 4 bits for the segment number and 12 bits for the
segment offset so the maximum segment size is 4096 and the maximum number of
segments that can be refereed is 16.

When a program is loaded into memory, the segmentation system tries to locate space
that is large enough to hold the first segment of the process, space information is
obtained from the free list maintained by memory manager. Then it tries to locate space
for other segments. Once adequate space is located for all the segments, it loads them
into their respective areas.

The operating system also generates a segment map table for each program.

13
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

With the help of segment map tables and hardware assistance, the operating system can
easily translate a logical address into physical address on execution of a program.

The Segment number is mapped to the segment table. The limit of the respective segment
is compared with the offset. If the offset is less than the limit then the address is valid
otherwise it throws an error as the address is invalid.

In the case of valid addresses, the base address of the segment is added to the offset to get
the physical address of the actual word in the main memory.

The above figure shows how address translation is done in case of segmentation.

Advantages of Segmentation

1. No internal fragmentation

14
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

2. Average Segment Size is larger than the actual page size.

3. Less overhead

4. It is easier to relocate segments than entire address space.

5. The segment table is of lesser size as compared to the page table in paging.

Disadvantages

1. It can have external fragmentation.

2. it is difficult to allocate contiguous memory to variable sized partition.

3. Costly memory management algorithms.

Lecture- 5

15
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

Create kernel-user context separation

There are two modes of operation in the operating system to make sure it works
correctly. These are user mode and kernel mode.
They are explained as follows −
User Mode
The system is in user mode when the operating system is running a user application
such as handling a text editor. The transition from user mode to kernel mode occurs
when the application requests the help of operating system or an interrupt or a system
call occurs.
The mode bit is set to 1 in the user mode. It is changed from 1 to 0 when switching
from user mode tokernel mode.
Kernel Mode
The system starts in kernel mode when it boots and after the operating system is loaded,
it executes applications in user mode. There are some privileged instructions that can
only be executed in kernel mode.
These are interrupt instructions, input output management etc. If the privileged instructions
are executed in user mode, it is illegal and a trap is generated.
The mode bit is set to 0 in the kernel mode. It is changed from 0 to 1 when switching
from kernel modeto user mode.
An image that illustrates the transition from user mode to kernel mode and back again

is −

16
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

In the above image, the user process executes in the user mode until it gets a system
call. Then a system trap is generated, and the mode bit is set to zero. The system call
gets executed in kernel mode.
After the execution is completed, again a system trap is generated and the mode bit is
set to 1. The system control returns to kernel mode and the process execution
continues.
Necessity of Dual Mode (User Mode and Kernel Mode) in Operating System
The lack of a dual mode i.e user mode and kernel mode in an operating system can
cause serious
problems. Some of these are −

 A running user program can accidentaly wipe out the operating system by overwriting
it withuser data.
 Multiple processes can write in the same system at the same time, with disastrous
results.

Lecture- 6

17
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

What makes virtualization work ?

Operating system-based Virtualization refers to an operating system feature in which

the kernel enables the existence of various isolated user-space instances. The
installation of virtualization software also refers to Operating system-based
virtualization. It is installed over a pre-existing operating system and that operating
system is called the host operating system.
In this virtualization, a user installs the virtualization software in the operating system
of his system like any other program and utilizes this application to operate and
generate various virtual machines. Here, the virtualization software allows direct
access to any of the created virtual machines to the user. As the host OS can provide
hardware devices with the mandatory support, operating system virtualization may
affect compatibility issues of hardware even when the hardware driver is not allocated
to the virtualization software.
Virtualization software is able to convert hardware IT resources that require unique
software for operation into virtualized IT resources. As the host OS is a complete
operating system in itself, many OS-based services are available as organizational
management and administration tools can be utilized for the virtualization host
management.

Some major operating system-based services are mentioned below:

18
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

1. Backup and Recovery.

2. Security Management.
3. Integration to Directory Services.

Various major operations of Operating System Based Virtualization are described

below:
1. Hardware capabilities can be employed, such as the network connection and CPU.
2. Connected peripherals with which it can interact, such as webcam, printer, keyboard,
or Scanners.
3. Data that can be read or written, such as files, folders, and network shares.

The Operating system may have the capability to allow or deny access to such
resources based on which the program requests them and the user account in the
context of which it runs. OS may also hide these resources, which leads that when a
computer program computes them, they do not appear in the enumeration results.
Nevertheless, from a programming perspective, the computer program has interacted
with those resources and the operating system has managed an act of interaction.
With operating-system-virtualization or containerization, it is probable to run
programs within containers, to which only parts of these resources are allocated. A
program that is expected to perceive the whole computer, once run inside a container,
can only see the allocated resources and believes them to be all that is available.
Several containers can be formed on each operating system, to each of which a subset
of the computer’s resources is allocated. Each container may include many computer
programs. These programs may run parallel or distinctly, even interrelate with each
other.
Operating system-based virtualization can raise demands and problems related to
performance overhead, such as:
1. The host operating system employs CPU, memory, and other hardware IT resources.
2. Hardware-related calls from guest operating systems need to navigate numerous layers
to and from the hardware, which shrinkage overall performance.
3. Licenses are frequently essential for host operating systems, in addition to individual
licenses for each of their guest operating systems.

The kernel execution and programming context.

Kernel execution
The kernel execution configuration defines the dimensions of a grid and its blocks.
Unique coordinates in blockIdx and threadIdx variables allow threads of a grid to
identify themselves and their domains of data. It is the programmer’s responsibility to
use these variables in kernel functions so that the threads can properly identify the
portion of the data to process. This model of programming compels the programmer to
organize threads and their data into hierarchical and multidimensional organizations.

19
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

In the dictionary a kernel is a softer, usually edible part of a nut, seed, or fruit stone
contained within its shell such as “the kernel of a walnut”. It can also be the central or
most important part of something “this is the kernel of the argument”.
In computing the kernel is a computer program that is the core of a computer’s
operating system,
with complete control over everything in the system.
The kernel is often one of the first programs loaded up on start-up before the boot
loader.
“A boot loader is a type of program that loads and starts the boot time tasks and
processes of an operating system or the computer system. It enables loading the
operating system within the computer memory when a computer is started or booted up.
A boot loader is also known as a boot manager or bootstrap loader.”

You have probably heard the expression of ‘booting up’ a system. The bootloader
translates the data- processing instructions for the central processing unit. The
bootloader handles memory and peripherals like keyboards, monitors and speakers.

The boot system for all standard computers and operating systems
An inkling that the kernel was important as part of the computer system operation,
however it is unsure of how it operates. As such, found more information about the
Linux Kernel in particular.

The Linux Kernel

20
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

“…the kernel is a barrier between applications, CPU, memory, and devices.

Applications are what
people use all the time, with everything from video games to the Internet”

Lecture- 7

21
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

The Linux kernel is a free and open-source, monolithic, Unix-like operating system
kernel. This can berepresented as such.

Of course likely simplified the advantages are as follows.

 Since there is less software involved it is faster.

 As it is one single piece of software it should be smaller both in source and compiled
forms.
 Less code generally means fewer bugs which can translate to fewer security problems.
All OS services run along with the main kernel thread, thus also residing in the same
memory area.The main disadvantages of monolithic kernels are:
 The dependencies between system components — a bug in a device driver might crash
the entire system
 Large kernels can become very difficult to maintain. Most work in the
monolithic kernel is done via system calls.

A system call is a way for programs to interact with the operating system. A computer
program makes a system call when it makes a request to the operating system’s kernel.
System call provides the services of the operating system to the user programs via
Application Program Interface(API).
In an article on the geek stuff the interaction between the computer hardware, OS
Kernel, System Functions, Application Code and Library Functions:

22
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

In computer science, a library is a collection of non-volatile resources used by computer

programs, often for software development.
What is application code and library code. More importantly what is the difference
between the two?

According to Passion for Coding these can be defined as:

Library code meant to be reusable in different applications, under different
circumstances –
extendable and adaptable without code changes.

Application code used in one environment and can be changed to alter the behaviour.
As an example of the difference, I’ll implement a sample logging mechanism. One
written as application code and one written as library code.
As such the difference between a microkernel and a monolithic kernel lies within the
system calls as well as the ‘kernel space’.

23
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

The main differences were listed as the following:

1. The basic point on which microkernel and monolithic kernel is distinguished is that
microkernel implement user services and kernel services in different address spaces and
monolithic kernel implement both user services and kernel services under same address
space.
2. The size of microkernel is small as only kernel services reside in the kernel address
space. However, the size of monolithic kernel is comparatively larger than microkernel
because both kernel services and user services reside in the same address space.
3. The execution of monolithic kernel is faster as the communication between application
and hardware is established using the system call. On the other hands, the execution of
microkernel is slow as the communication between application and hardware of the
system is established through message passing.
4. It is easy to extend microkernel because new service is to be added in user address space
that is isolated from kernel space, so the kernel does not require to be modified.
Opposite is the case with monolithic kernel if a new service is to be added in monolithic
kernel then entire kernel needs to be modified.
5. Microkernel is more secure than monolithic kernel as if a service fails in microkernel the
operating system remain unaffected. On the other hands, if a service fails in monolithic
kernel entire system fails.
6. Monolithic kernel designing requires less code, which further leads to fewer bugs. On
the other hands, microkernel designing needs more code which further leads to more
bugs.

24
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

Live debugging and tracing.

Debug and trace enables you to monitor the application for errors and exception with
out VS.NET IDE. In Debug mode compiler inserts some debugging code inside the
executable. As the debugging code is the part of the executable they run on the same
thread where the code runs and they do not given you the exact efficiency of the code (
as they run on the same thread). So, for every full executable DLL you will see a debug
file also as shown in figure ‘Debug Mode'. Trace works in both debug as well as release
mode. The main advantage of using trace over debug is to do performance analysis
which can not be done by debug. Trace runs on a different thread thus it does not
impact the main code thread. There is also a fundamental difference in thinking when
we want to use trace and when want to debug. Tracing is a process about getting
information regarding program's execution. On the other hand, debugging is about
finding errors in the code.

25
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

Lecture-8

Hardware and software support for debugging

Hardware Debugging : In computer programming and software development,
debugging is the process of finding and resolving bugs (defects or problems that
prevent correct operation)
within computer programs, software, or systems.
Debugging tactics can involve interactive debugging, control flow analysis, unit testing,
integration testing, log file analysis, monitoring at the application or system level,
memory dumps, and profiling. Many programming languages and software
development tools also offer programs to aid in debugging, known as debuggers.

Software Debugging : Debugging is the process of detecting and removing of existing

and potential errors (also called as ‘bugs’) in a software code that can cause it to behave
unexpectedly or crash. To prevent incorrect operation of a software or system,
debugging is used to find and resolve bugs or defects. When various subsystems or
modules are tightly coupled, debugging becomes harder as any change in one module
may cause more bugs to appear in another. Sometimes it takes more time to debug a
program than to code it.

26
 l
O
M
o
A
R
c
P
S
D
|
3
6
8
2
2
8
3
6

Description: To debug a program, user has to start with a problem, isolate the source
code of the problem, and then fix it. A user of a program must know how to fix the
problem as knowledge about problem analysis is expected. When the bug is fixed, then
the software is ready to use. Debugging tools (called debuggers) are used to identify
coding errors at various development stages. They are used to reproduce the conditions
in which error has occurred, then examine the program state at that time and locate the
cause. Programmers can trace the program execution step-by-step by evaluating the
value of variables and stop the execution wherever required to get the value of variables
or reset the program variables. Some programming language packages provide a
debugger for checking the code for errors while it is being written at run time.

Here’s the debugging process:

1. Reproduce the problem.
2. Describe the bug. Try to get as much input from the user to get the exact reason.
3. Capture the program snapshot when the bug appears. Try to get all the variable values
and states of the program at that time.
4. Analyse the snapshot based on the state and action. Based on that try to find the cause
of the bug.
5. Fix the existing bug, but also check that any new bug does not occur.

Lecture- 9

DOUBT SESSION,
Assignment – 1

27