Protection of System Resources I/O Devices Memory CPU Based on different modes of

operation: kernel mode and user mode. Privileged instructions can be issued only in kernel

mode. Mode bit in PSW, checked on every instruction.

Protection of I/O Devices All I/O instructions are privileged instructions. Only accessed through system calls.

Memory Protection Must provide memory protection for the

interrupt vector, interrupt service routines, and other applications address space.

Two registers that determine the range of legal addresses a program may access: Base register – holds the smallest legal

physical memory address. Limit register – contains the size of the

range Memory outside the defined range is

protected.

Use of A Base and Limit Register

Hardware Address Protection

CPU (and OS) Protection Keep user from monopolizing CPU. Ensure OS regains control of CPU.

CPU Protection Timer – interrupts computer after

specified period to ensure operating system maintains control. Timer is decremented every clock tick. When timer reaches the value 0, an

interrupt occurs. Timer commonly used to

implement time sharing.

Privileged Instructions Load base and limit registers?

Privileged Instructions Load base and limit registers? Set the system timer?

Privileged Instructions Load base and limit registers? Set the system timer? Read the system clock?

Privileged Instructions Set the system timer? Read the system clock? Load base and limit registers? Open a file?

Privileged Instructions Load base and limit registers? Set the system timer? Read the system clock? Open a file? Compile a program and create executable?

Privileged Instructions Load base and limit registers? Set the system timer? Read the system clock? Open a file? Compile a program and create executable? Enable/disable interrupts?

System Calls Interface between executing program and OS defined

by set of system calls OS provides. System call causes a TRAP to switch from user to kernel

mode and starts execution at interrupt vector location for TRAP instruction.

Operating system looks at requested operation and any parameters passed by the application.

Dispatches the correct system call handler through a table of pointers to system call handlers.

Handler completes and (may) return to user code at the next instruction. OS may schedule another process to execute.

System Call Interface Example: num_bytes = read(file, buffer,

nbytes) ; Note: application level read is a library call,

and the library call invokes the read system call.

Code is inserted by the compiler to perform steps necessary for call to library.

System Calls

Steps 1-3: Push parameters onto the stack. Step 4. Calls read library function.Step 5. Library puts system call number in register (or other pre-defined location).Step 6: Executes a TRAP instruction switching to kernel mode. Step 7. OS retrieves system call request and calls handler(generally via a table indexed by system call number).

Step 8. System call handler executes system call.Step 9. Call completes, may return to user level-level library call at instruction immediately following TRAP instruction. Count set to –1 if call failed or to number of bytes actually read if successful. Step 10. Library procedure returns to user program.Step 11. User program resets stack pointer to clean up library call.

System Calls for Process Management Process Creation:

fork() system call. Creates an exact duplicate of the calling process

including all variables, file descriptors, registers ……..

fork returns the process ID of child to the parent (pid), and returns a zero to child.

After completion, two independent processes executing “concurrently”.

The parent can choose to wait for the child process to complete before resuming its execution.

Unix fork()

#include <stdio.h>main(int argc, char *argv[]) { int pid, j,k ; j = 10 ; k = 32 ; pid = fork() ; if (pid == 0) /*I am the child*/

{ Do childish things }

else /* I am the parent */wait(NULL) ; /* Block execution until child terminates */

}

j = 10k =32pid = ?

j = 10k =32pid =

j = 10k = 32pid = 0

Set to pid of child.

fork()

Processes Tree on a UNIX System